AVG-1141 log

Package mbedtls
Status Fixed
Severity Medium
Type private key recovery
Affected 2.16.5-1
Fixed 2.16.7-1
Current 3.5.2-1 [extra]
Ticket None
Created Wed Apr 22 13:32:56 2020
Issue Severity Remote Type Description
CVE-2020-10932 Medium No Private key recovery
A side channel attack has been found on the ECDSA implementation of Mbed TLS before 2.22.0, 2.16.6 and 2.7.15, allowing a local attacker with access to...
Date Advisory Package Type
31 Jul 2020 ASA-202007-5 mbedtls private key recovery
References
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-04