Improve Changelog

yanesca · yanesca · commit 5a1c0e716242 · 2017-06-16T12:27:47.000+01:00
diff --git a/ChangeLog b/ChangeLog
@@ -17,48 +17,56 @@ Security
      potential Bleichenbacher/BERserk-style attack.
 
 Bugfix
-   * Remove invalid use of size zero arrays in ECJPAKE test suite.
+   * Remove size zero arrays from ECJPAKE test suite. Size zero arrays are not
+     valid C and they prevented the test from compiling in Visual Studio 2015
+     and with GCC using the -Wpedantic compilation option.
    * Fix insufficient support for signature-hash-algorithm extension,
      resulting in compatibility problems with Chrome. Found by hfloyrd. #823
-   * If sending a fatal alert fails, make sure not to hide the error
+   * Fix behaviour that hid the original cause of fatal alerts in some cases
+     when sending the alert failed. The fix makes sure not to hide the error
      that triggered the alert.
-   * In SSLv3, if refusing a renegotiation attempt, don't process any further
-     data.
+   * Fix SSLv3 renegotiation behaviour and stop processing data received from
+     peer after sending a fatal alert to refuse a renegotiation attempt.
+     Previous behaviour was to keep processing data even after the alert has
+     been sent.
    * Accept empty trusted CA chain in authentication mode
      MBEDTLS_SSL_VERIFY_OPTIONAL.
-     Fixes #864. Found by jethrogb.
-   * Fix implementation of mbedtls_ssl_parse_certificate
-     to not annihilate fatal errors in authentication mode
-     MBEDTLS_SSL_VERIFY_OPTIONAL and to reflect bad EC curves
-     within verification result.
-   * Fix modular inversion function on invalid modulus 1.
-     Found by blaufish. Fixes #641.
-   * Fix incorrect sign computation in modular exponentiation
-     when dealing with negative MPI. Found by Guido Vranken.
-   * Fix potential stack underflow in mpi_read_file.
-     Found by Guido Vranken.
+     Found by jethrogb. #864
+   * Fix implementation of mbedtls_ssl_parse_certificate() to not annihilate
+     fatal errors in authentication mode MBEDTLS_SSL_VERIFY_OPTIONAL and to
+     reflect bad EC curves within verification result.
+   * Fix bug that caused the modular inversion function to accept the invalid
+     modulus 1 and therefore to hang. Found by blaufish. #641.
+   * Fix incorrect sign computation in modular exponentiation when the base is
+     a negative MPI. Previously the result was always negative. Found by Guido
+     Vranken.
+   * Fix a numerical underflow leading to stack overflow in mpi_read_file()
+     that was triggered uppon reading an empty line. Found by Guido Vranken.
 
 Changes
-   * Send fatal alerts in many more cases instead of dropping the connection.
+   * Send fatal alerts in more cases. The previous behaviour was to skip
+     sending the fatal alert and just drop the connection.
    * Clarify ECDSA documentation and improve the sample code to avoid
-     misunderstandings and potentially dangerous use of the API. Pointed out
+     misunderstanding and potentially dangerous use of the API. Pointed out
      by Jean-Philippe Aumasson.
 
 = mbed TLS 2.5.0 branch released 2017-05-17
 
 Security
    * Wipe stack buffers in RSA private key operations
-     (rsa_rsaes_pkcs1_v15_decrypt(), rsa_rsaes_oaep_decrypt).
-     Found by Laurent Simon.
+     (rsa_rsaes_pkcs1_v15_decrypt(), rsa_rsaes_oaep_decrypt). Found by Laurent
+     Simon.
    * Add exponent blinding to RSA private operations as a countermeasure
      against side-channel attacks like the cache attack described in
      https://arxiv.org/abs/1702.08719v2.
      Found and fix proposed by Michael Schwarz, Samuel Weiser, Daniel Gruss,
      Clémentine Maurice and Stefan Mangard.
 
 Features
-   * Exposed parts of the Elliptic Curve Point internal interface, to provide
-     interface for external hardware acceleration code.
+   * Add hardware acceleration support for the Elliptic Curve Point module.
+     This involved exposing parts of the internal interface to enable
+     replacing the core functions and adding and alternative, module level
+     replacement support for enabling the extension of the interface.
    * Add a new configuration option to 'mbedtls_ssl_config' to enable
      suppressing the CA list in Certificate Request messages. The default
      behaviour has not changed, namely every configured CAs name is included.
@@ -74,7 +82,12 @@ API Changes
 Bugfix
    * Remove macros from compat-1.3.h that correspond to deleted items from most
      recent versions of the library. Found by Kyle Keen.
-   * Fixed issue in mutexes to failing to initialise. #667
+   * Fixed issue in the Threading module that prevented mutexes from
+     initialising. Found by sznaider. #667 #843
+   * Add checks in the PK module for the RSA functions on 64-bit systems.
+     The PK and RSA modules use different types for passing hash length and
+     without these checks the type cast could lead to data loss. Found by Guido
+     Vranken.
 
 = mbed TLS 2.4.2 branch released 2017-03-08
 
