Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 39: 2024-666210bd74 Critical Security Update for Mbedtls

fedora
Calendar Grey April 17, 2024
Dist Fedora Esm H88
Uncover the latest Fedora Update Alert concerning mbedtls which addresses urgent vulnerabilities. Access key information regarding this crucial fix.
Update to 2.28.8 Release notes: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.8

Summary

Mbed TLS is a light-weight open source cryptographic and SSL/TLS

library written in C. Mbed TLS makes it easy for developers to include

cryptographic and SSL/TLS capabilities in their (embedded)

applications with as little hassle as possible.

Update Information:

Update to 2.28.8 Release notes: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.8

Topics%20covered

Topics Covered

security advisory security issue Fedora critical update mbedtls lightweight cryptography PSA Crypto

Change Log

* Mon Apr 1 2024 Morten Stevens - 2.28.8-1 - Update to 2.28.8

References


[ 1 ] Bug #2272172 - CVE-2024-28960 mbedtls: Insecure handling of shared memory in PSA Crypto APIs https://bugzilla.redhat.com/show_bug.cgi?id=2272172

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-666210bd74' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: mbedtls
Product: Fedora 39
Version: 2.28.8
Release: 1.fc39
URL: https://www.trustedfirmware.org/projects/mbed-tls
Summary: Light-weight cryptographic and SSL/TLS library

Topics%20covered

Topics Covered

security advisory security issue Fedora critical update mbedtls lightweight cryptography PSA Crypto

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here