AVG-1141 log
| Package | mbedtls |
| Status | Fixed |
| Severity | Medium |
| Type | private key recovery |
| Affected | 2.16.5-1 |
| Fixed | 2.16.7-1 |
| Current | 3.6.4-1 [extra] |
| Ticket | None |
| Created | Wed Apr 22 13:32:56 2020 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2020-10932 | Medium | No | Private key recovery | A side channel attack has been found on the ECDSA implementation of Mbed TLS before 2.22.0, 2.16.6 and 2.7.15, allowing a local attacker with access to... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 31 Jul 2020 | ASA-202007-5 | mbedtls | private key recovery |
| References |
|---|
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-04 |