Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 33: 2021-10bfc067d1 Moderate: Mbedtls 2.16.11 Update

fedora
Calendar Grey August 1, 2021
Dist Fedora Esm H88
Notice of Update for mbedtls 2.16.11 in Fedora, tackling various security vulnerabilities and enhancements. Discover more!
- Update to 2.16.11 Release notes: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.16.11

Summary

Mbed TLS is a light-weight open source cryptographic and SSL/TLS

library written in C. Mbed TLS makes it easy for developers to include

cryptographic and SSL/TLS capabilities in their (embedded)

applications with as little hassle as possible.

FOSS License Exception: https://www.trustedfirmware.org/projects/mbed-tls/

- Update to 2.16.11 Release notes:

https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.16.11

* Sat Jul 24 2021 Morten Stevens - 2.16.11-1

- Update to 2.16.11

* Thu Jul 22 2021 Fedora Release Engineering - 2.16.9-3

- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild

* Tue Jan 26 2021 Fedora Release Engineering - 2.16.9-2

- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild

[ 1 ] Bug #1943664 - mbedtls: multiple vulnerabilities fixed in mbedtls-2.26.0

https://bugzilla.redhat.com/show_bug.cgi?id=1943664

[ 2 ] Bug #1981510 - mbedtls: Local side channel attack on RSA

https://bugzilla.redhat.com/show_bug.cgi?id=1981510

[ 3 ] Bug #1981514 - mbedtls: Local side channel attack on static Diffie-Hellman with Montgomery curves

https://bugzilla.redhat.com/show_bug.cgi?id=1981514

[ 4 ] Bug #1985311 - CVE-2021-24119 mbedtls: side-channel vulnerability allows system-level-attacker information disclosure

https://bugzilla.redhat.com/show_bug.cgi?id=1985311

su -c 'dnf upgrade --advisory FEDORA-2021-10bfc067d1' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Topics%20covered

Topics Covered

security advisory moderate Fedora cryptography TLS mbedtls

Change Log

References

Update Instructions

Severity
important
Lowest
Low
Medium
High
Critical

Product: Fedora 33
Version: 2.16.11
Release: 1.fc33
URL: https://www.trustedfirmware.org/projects/mbed-tls/
Summary: Light-weight cryptographic and SSL/TLS library

Topics%20covered

Topics Covered

security advisory moderate Fedora cryptography TLS mbedtls

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here