AVG-1386 log
| Package | mbedtls |
| Status | Fixed |
| Severity | High |
| Type | private key recovery |
| Affected | 2.16.7-1 |
| Fixed | 2.25.0-1 |
| Current | 3.5.2-1 [extra] |
| Ticket | FS#69128 |
| Created | Sun Dec 27 12:20:12 2020 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2020-16150 | High | No | Private key recovery | A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 08 Jan 2021 | ASA-202101-7 | mbedtls | private key recovery |