AVG-198 log
| Package | mbedtls |
| Status | Fixed |
| Severity | Critical |
| Type | arbitrary code execution |
| Affected | 2.4.0-1 |
| Fixed | 2.4.2-1 |
| Current | 3.5.2-1 [extra] |
| Ticket | None |
| Created | Sat Mar 11 20:22:39 2017 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2017-2784 | Critical | Yes | Arbitrary code execution | A security issue has been found in mbed TLS < 2.4.2. If a malicious peer supplies a certificate with a specially crafted secp224k1 public key, then an... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 20 Mar 2017 | ASA-201703-16 | mbedtls | arbitrary code execution |
| References |
|---|
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2017-01 |