ChangeLog.d/fix-aead-nonce.txt - third_party/github/ARMmbed/mbedtls - Git at Google

 Security
    * In psa_aead_generate_nonce(), do not read back from the output buffer.
      This fixes a potential policy bypass or decryption oracle vulnerability
      if the output buffer is in memory that is shared with an untrusted
      application.
	Security
	* In psa_aead_generate_nonce(), do not read back from the output buffer.
	This fixes a potential policy bypass or decryption oracle vulnerability
	if the output buffer is in memory that is shared with an untrusted
	application.