xref: /hypervisor/lib/crypto/mbedtls/ChangeLog

52      where the outgoing buffer can be fixed at a smaller size than the incoming
175      overreads could be caused by receiving a malformed message at the point
774      renegotiation routines at unexpected times when the protocol is DTLS. Found
865    * Guarantee that P>Q at RSA key generation. Found by inestlerode. #558
963      drop the record and look at subsequent records (if any are present) in
1124    * The PEM parser now accepts a trailing space at end of lines (#226).
1125    * It is now possible to #include a user-provided configuration file at the
1277    * Support for receiving SSLv2 ClientHello is now disabled by default at
1317      more (at the expense of performance) MBEDTLS_SHA256_SMALLER.
1335    * Add support for id-at-uniqueIdentifier in X.509 names.
1367      doing it at runtime (using uname) rather that compile time.
1438    * Support for renegotiation can now be disabled at compile-time
1444    * Add ssl_set_arc4_support() to make it easier to disable RC4 at runtime
1452    * Possible buffer overflow of length at most POLARSSL_MEMORY_ALIGN_MULTIPLE
1483      at runtime with ssl_set_truncated_hmac().
1531    * Accept spaces at end of line or end of buffer in base64_decode().
1608    * version_check_feature() added to check for compile-time options at
1937       this will be made in the 1.2 branch at this point.
2001    * Accept spaces at end of line or end of buffer in base64_decode().
2252    * Added ServerName extension parsing (SNI) at server side
2286    * Handle existence of OpenSSL Trust Extensions at end of X.509 DER blob
2339    * Handle existence of OpenSSL Trust Extensions at end of X.509 DER blob
2377      Frama-C team at CEA LIST)
2820     * Ciphers used in SSL/TLS can now be disabled at compile
2871     * Added the copyright notice at the top of havege.h

Last Index update Fri Aug 22 02:31:50 CST 2025