Update Info

openSUSE-2018-382


Security update for mbedtls


Type: security
Severity: moderate
Issued: 2018-04-20
Description:
This update for mbedtls fixes the following issues:

Security issues fixed:

- CVE-2018-9988: Fixed buffer over-read in ssl_parse_server_key_exchange() that could cause a crash on invalid input (boo#1089022).
- CVE-2018-9989: Fixed buffer over-read in ssl_parse_server_psk_hint() that could cause a crash on invalid input (boo#1089021).


              

Packages


  • mbedtls-1.3.19-14.1