SUSE Package Hub - openSUSE-2022-10247

Update Info

openSUSE-2022-10247

Security update for mbedtls

Type: security

Severity: important

Issued: 2022-12-22

Description:

This update for mbedtls fixes the following issues:

- CVE-2022-35409: Fixed buffer overread in DTLS ClientHello parsing (boo#1201581).

References

CVE: CVE-2022-35409
CVE: CVE-2021-35409
Bugzilla: 1201581 VUL-0: CVE-2022-35409: mbedtls: Buffer overread in DTLS ClientHello parsing

Packages

mbedtls-2.16.9-bp153.2.8.1