Skip to content

Commit

Permalink
Modifies ChangeLog
Browse files Browse the repository at this point in the history 
Corrects erroneous removal from ChangeLog.

Signed-off-by: Thomas Daubney <[email protected]>
  • Loading branch information
@tom-daubney-arm
tom-daubney-arm committed Jun 18, 2021
1 parent 379227c commit d596e99
Showing 1 changed file with 10 additions and 0 deletions.
10 changes: 10 additions & 0 deletions ChangeLog
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1686,6 +1686,16 @@ Changes

= mbed TLS 2.8.0 branch released 2018-03-16

Default behavior changes
* The truncated HMAC extension now conforms to RFC 6066. This means
that when both sides of a TLS connection negotiate the truncated
HMAC extension, Mbed TLS can now interoperate with other
compliant implementations, but this breaks interoperability with
prior versions of Mbed TLS. To restore the old behavior, enable
the (deprecated) option MBEDTLS_SSL_TRUNCATED_HMAC_COMPAT in
config.h. Found by Andreas Walz (ivESK, Offenburg University of
Applied Sciences).

Security
* Fix implementation of the truncated HMAC extension. The previous
implementation allowed an offline 2^80 brute force attack on the
Expand Down

0 comments on commit d596e99

Please sign in to comment.