Mbed TLS/PolarSSL 历史安全公告汇总

从这个网页截图中，我们可以获取到以下关于漏洞的关键信息： 1. 漏洞列表： - Limited authentication bypass in TLS 1.3 optional client authentication - Stack buffer overflow in ECDSA signature conversion functions - CTR_DRBG prioritized over HMAC_DRBG as the PSA DRBG - Insecure handling of shared memory in PSA Crypto APIs - Buffer overflow in mbedtls_x509_set_extension() - Timing side channel in private key RSA operations - Buffer overflow in TLS handshake parsing with ECDH - Buffer overread in TLS stream cipher suites - Buffer overread in DTLS ClientHello parsing - Double Free in mbedtls_ssl_set_session() in an error case - Local side channel attack on static Diffie-Hellman with Montgomery curves - Local side channel attack on RSA - Protocol weakness in DHE-PSK key exchange - Local side channel attack on RSA and static Diffie-Hellman - Local side channel attack on classical CBC decryption in (D)TLS - Side-channel attack on ECC key import and validation - Side channel attack on ECDSA - Cache attack against RSA key import in SGX - Side channel attack on ECDSA - Side channel attack on deterministic ECDSA - Mbed TLS Security Advisory 2018-03 - Mbed TLS Security Advisory 2018-02 - mbed TLS Security Advisory 2018-01 - mbed TLS Security Advisory 2017-02 - mbed TLS Security Advisory 2017-01 - mbed TLS Security Advisory 2015-01 - PolarSSL Security Advisory 2014-04 - PolarSSL Security Advisory 2014-03 - PolarSSL Security Advisory 2014-02 - PolarSSL Security Advisory 2014-01 - PolarSSL Security Advisory 2013-05 - PolarSSL Security Advisory 2013-04 - PolarSSL Security Advisory 2013-03 - PolarSSL Security Advisory 2013-02 - PolarSSL Security Advisory 2013-01 - PolarSSL Security Advisory 2012-01 - PolarSSL Security Advisory 2011-02 - PolarSSL Security Advisory 2011-01 2. 安全建议： - Limited authentication bypass in TLS 1.3 optional client authentication - Stack buffer overflow in ECDSA signature conversion functions - CTR_DRBG prioritized over HMAC_DRBG as the PSA DRBG - Insecure handling of shared memory in PSA Crypto APIs - Buffer overflow in mbedtls_x509_set_extension() - Timing side channel in private key RSA operations - Buffer overflow in TLS handshake parsing with ECDH - Buffer overread in TLS stream cipher suites - Buffer overread in DTLS ClientHello parsing - Double Free in mbedtls_ssl_set_session() in an error case - Local side channel attack on static Diffie-Hellman with Montgomery curves - Local side channel attack on RSA - Protocol weakness in DHE-PSK key exchange - Local side channel attack on RSA and static Diffie-Hellman - Local side channel attack on classical CBC decryption in (D)TLS - Side-channel attack on ECC key import and validation - Side channel attack on ECDSA - Cache attack against RSA key import in SGX - Side channel attack on ECDSA - Side channel attack on deterministic ECDSA 这些信息可以帮助开发者和安全专家了解Mbed TLS库中存在的安全漏洞，并采取相应的措施来修复这些漏洞。

目标达成 感谢每一位支持者 — 我们达成了 100% 目标！

Mbed TLS/PolarSSL 历史安全公告汇总

目标达成感谢每一位支持者 — 我们达成了 100% 目标！