Security update for mbedtls
This update for mbedtls fixes the following issues:
Security issues fixed:
- CVE-2018-9988: Fixed buffer over-read in ssl_parse_server_key_exchange() that could cause a crash on invalid input (boo#1089022).
- CVE-2018-9989: Fixed buffer over-read in ssl_parse_server_psk_hint() that could cause a crash on invalid input (boo#1089021).
-
Submitted by
Karol Babioch (kbabioch)
Fixed bugs
bnc#1089022
VUL-0: CVE-2018-9988: mbedtls: buffer over-read in ssl_parse_server_key_exchange() that could cause a crash on invalid input.
bnc#1089021
VUL-1: CVE-2018-9989: mbedtls: buffer over-read in ssl_parse_server_psk_hint() that could cause a crash on invalid input.
