AVG-198 log
Package | mbedtls |
Status | Fixed |
Severity | Critical |
Type | arbitrary code execution |
Affected | 2.4.0-1 |
Fixed | 2.4.2-1 |
Current | 3.6.1-1 [extra] |
Ticket | None |
Created | Sat Mar 11 20:22:39 2017 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2017-2784 | Critical | Yes | Arbitrary code execution | A security issue has been found in mbed TLS < 2.4.2. If a malicious peer supplies a certificate with a specially crafted secp224k1 public key, then an... |
Date | Advisory | Package | Type |
---|---|---|---|
20 Mar 2017 | ASA-201703-16 | mbedtls | arbitrary code execution |
References |
---|
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2017-01 |