ChangeLog.d/fix-in-cid-buffer-size.txt - third_party/github/ARMmbed/mbedtls - Git at Google

 Bugfix
     * Fix potential buffer overflow in DTLS with MBEDTLS_SSL_DTLS_CONNECTION_ID
       enabled leading to context corruption.

 Security
     * Fix potential memory probe through non-constant time memcmp() in DTLS
       with MBEDTLS_SSL_DTLS_CONNECTION_ID enabled. The memory probe is possible
       only under very specific and unlikely conditions:
       2 * MBEDTLS_SSL_CID_OUT_LEN_MAX < MBEDTLS_SSL_CID_IN_LEN_MAX if
       MBEDTLS_SSL_CONTEXT_SERIALIZATION is disabled,
       MBEDTLS_SERVER_HELLO_RANDOM_LEN + MBEDTLS_CLIENT_HELLO_RANDOM_LEN +
       2 * MBEDTLS_SSL_CID_OUT_LEN_MAX < MBEDTLS_SSL_CID_IN_LEN_MAX if
       MBEDTLS_SSL_CONTEXT_SERIALIZATION is enabled. Those conditions are not
       met with the default values of MBEDTLS_SSL_CID_IN_LEN_MAX and
       MBEDTLS_SSL_CID_OUT_LEN_MAX where the two maximum lengths are equal.
	Bugfix
	* Fix potential buffer overflow in DTLS with MBEDTLS_SSL_DTLS_CONNECTION_ID
	enabled leading to context corruption.

	Security
	* Fix potential memory probe through non-constant time memcmp() in DTLS
	with MBEDTLS_SSL_DTLS_CONNECTION_ID enabled. The memory probe is possible
	only under very specific and unlikely conditions:
	2 * MBEDTLS_SSL_CID_OUT_LEN_MAX < MBEDTLS_SSL_CID_IN_LEN_MAX if
	MBEDTLS_SSL_CONTEXT_SERIALIZATION is disabled,
	MBEDTLS_SERVER_HELLO_RANDOM_LEN + MBEDTLS_CLIENT_HELLO_RANDOM_LEN +
	2 * MBEDTLS_SSL_CID_OUT_LEN_MAX < MBEDTLS_SSL_CID_IN_LEN_MAX if
	MBEDTLS_SSL_CONTEXT_SERIALIZATION is enabled. Those conditions are not
	met with the default values of MBEDTLS_SSL_CID_IN_LEN_MAX and
	MBEDTLS_SSL_CID_OUT_LEN_MAX where the two maximum lengths are equal.