Update Info


Security update for mbedtls

Type: security
Severity: moderate
Issued: 2021-03-09
This update for mbedtls fixes the following issues:

- mbedtls was updated to version 2.16.9
  - CVE-2020-10932: Fixed side channel in ECC code that allowed an adversary with 
    access to precise enough timing and memory access information (typically an
    untrusted operating system attacking a secure enclave) to fully recover
    an ECDSA private key (boo#1181468).

This update was imported from the openSUSE:Leap:15.2:Update update project.



  • mbedtls-2.16.9-bp152.2.3.1