Skip to content
Commit bb72c3d0 authored by Kumar Gala's avatar Kumar Gala Committed by Anas Nashif
Browse files

crypto: mbedtls: Update mbedTLS to 2.7.0 

Due to a security advisory released on February 1st 2018[1], it's
advisable to update mbedTLS to 2.7.0.

The vulnerability, identified as CVE-2018-0488 and CVE-2018-0487, risk
remote code execution when truncated HMAC is enabled or when verifying
RSASSA-PSS signatures.

[1] https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-01



Fixes: #6025

Signed-off-by: default avatarKumar Gala <kumar.gala@linaro.org>
parent 9c6a1aa7
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment

CRA Git | Maintained and supported by SUSTech CRA and CCSE