MGASA-2020-0370

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2020-0370.html

Import Source

https://advisories.mageia.org/MGASA-2020-0370.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2020-0370

Related

Published

2020-09-27T20:06:37Z

Modified

2020-09-21T19:15:59Z

Summary

Updated mbedtls packages fix security vulnerabilities

Details

mbedtls 2.16.8 fixes three security vulnerabilities which could affect earlier releases:

Local side channel attack on classical CBC decryption in (D)TLS (CVE-2020-16150).

Local side channel attack on RSA and static Diffie-Hellman.

Protocol weakness in DHE-PSK key exchange.

References

Credits

Affected packages