AVG-198

Package mbedtls
Status Fixed
Severity Critical
Type arbitrary code execution
Affected 2.4.0-1
Fixed 2.4.2-1
Current 2.8.0-1 [community]
Ticket None
Created Sat Mar 11 20:22:39 2017
Issue Severity Remote Type Description
CVE-2017-2784 Critical Yes Arbitrary code execution
A security issue has been found in mbed TLS < 2.4.2. If a malicious peer supplies a certificate with a specially crafted secp224k1 public key, then an...
Date Advisory Package Description
20 Mar 2017 ASA-201703-16 mbedtls arbitrary code execution
References
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2017-01