Security update for mbedtls
This update for mbedtls fixes the following issues:
- mbedtls was updated to version 2.16.9
- CVE-2020-10932: Fixed side channel in ECC code that allowed an adversary with
access to precise enough timing and memory access information (typically an
untrusted operating system attacking a secure enclave) to fully recover
an ECDSA private key (boo#1181468).
This update was imported from the openSUSE:Leap:15.2:Update update project.
-
Submitted by
Alexandros Toptsoglou (atopt)
Fixed bugs
bnc#1181468
VUL-0: CVE-2020-10932: mbedtls: side channel attack possibly leading to information disclosure
