
Mbed TLS 3.6.2

davidhorstmann-arm released this 15 Oct 12:35

Description

This release of Mbed TLS provides the fix for a security vulnerability.

Mbed TLS 3.6 is a long-term support (LTS) branch. It will be supported with bug-fixes and security fixes until at least March 2027.

Security Advisories

For full details, please see the following links:

Release notes are truncated in GitHub's releases page: Please refer to the 3.6.2 release page.

Release Notes

Security

  • Fix a buffer underrun in mbedtls_pk_write_key_der() when
    called on an opaque key, MBEDTLS_USE_PSA_CRYPTO is enabled,
    and the output buffer is smaller than the actual output.
    Fix a related buffer underrun in mbedtls_pk_write_key_pem()
    when called on an opaque RSA key, MBEDTLS_USE_PSA_CRYPTO is enabled
    and MBEDTLS_MPI_MAX_SIZE is smaller than needed for a 4096-bit RSA key.
    CVE-2024-49195
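
Mbed TLS's DER writers fill the caller's buffer from the end toward the start, so a missing length check writes below the start of the buffer. The C model below shows that pattern with the check in place; it is an added example, not Mbed TLS source or the actual fix, and `write_backward`, `write_octets_der` and the error codes are hypothetical names.

```c
#include <stddef.h>
#include <string.h>
/* Model only: hypothetical names and error codes, not Mbed TLS code. */
#define ERR_BAD_INPUT     (-1)
#define ERR_BUF_TOO_SMALL (-2)

/* Copy len bytes so they end at *p and move *p back; refuse to pass start. */
static int write_backward(unsigned char **p, const unsigned char *start,
                          const unsigned char *src, size_t len)
{
    if (*p < start || (size_t)(*p - start) < len)
        return ERR_BUF_TOO_SMALL;      /* omitting this check is the underrun */
    *p -= len;
    memcpy(*p, src, len);
    return (int)len;
}

/* Write OCTET STRING { body } so that it ends at buf + size.
 * Returns the number of bytes written (they start at buf + size - ret). */
int write_octets_der(const unsigned char *body, size_t body_len,
                     unsigned char *buf, size_t size)
{
    unsigned char *p = buf + size;
    unsigned char hdr[2];
    int ret;

    if (body_len > 127)                /* short-form DER length only */
        return ERR_BAD_INPUT;
    hdr[0] = 0x04;                     /* OCTET STRING tag */
    hdr[1] = (unsigned char)body_len;
    if ((ret = write_backward(&p, buf, body, body_len)) < 0)
        return ret;
    if ((ret = write_backward(&p, buf, hdr, sizeof(hdr))) < 0)
        return ret;
    return (int)(buf + size - p);
}

/* Constructed check: 8 guard bytes sit directly below a 4-byte output buffer.
 * Returns 1 if the too-small buffer is rejected and the guard is untouched. */
int guard_survives_short_buffer(void)
{
    unsigned char mem[8 + 4];
    unsigned char guard[8];
    const unsigned char body[6] = { 1, 2, 3, 4, 5, 6 };
    memset(mem, 0xAA, sizeof(mem));
    memset(guard, 0xAA, sizeof(guard));
    int ret = write_octets_der(body, sizeof(body), mem + 8, 4);
    return ret == ERR_BUF_TOO_SMALL && memcmp(mem, guard, 8) == 0;
}
```

As with `mbedtls_pk_write_key_der()`, the caller must use the return value to locate the output, which starts at `buf + size - ret` rather than at `buf`.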

Who should update

We recommend that all users update to take advantage of the bug fixes contained in this release at an appropriate point in their development lifecycle.

Note

mbedtls-3.6.2.tar.bz2 is our official release file. source.tar.gz and source.zip are snapshots that GitHub generates automatically. They do not include external dependencies, and can't be configured

Checksum

The SHA256 hash for the archive is:

8b54fb9bcf4d5a7078028e0520acddefb7900b3e66fec7f7175bb5b7d85ccdca mbedtls-3.6.2.tar.bz2