Описание
Mbed TLS through 3.6.4 has an Observable Timing Discrepancy.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| mbedtls | fixed | 3.6.5-0.1 | package | |
| mbedtls | fixed | 3.6.5-0.1~deb13u1 | trixie | package |
Примечания
https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-10-invalid-padding-error/
https://github.com/Mbed-TLS/mbedtls/commit/155de2ab775e77ab6fa81bf2b1e6e63768123bc1 (mbedtls-3.6.5)
https://github.com/Mbed-TLS/mbedtls/commit/d179dc80a5b13189c79fe4531eacb28698a7a0e9 (mbedtls-3.6.5)
https://github.com/Mbed-TLS/mbedtls/commit/e74b42832e4af11606ef8aae2c9404b4acaa2c6d (mbedtls-3.6.5)
https://github.com/Mbed-TLS/mbedtls/commit/3b380daedbce9fae3e7ed7e84f18e97876e7e6f3 (mbedtls-3.6.5)
https://github.com/Mbed-TLS/mbedtls/commit/04dfd704325a6dbc2a13eb7f418eaca9ae9ca549 (mbedtls-3.6.5)
Связанные уязвимости
Mbed TLS through 3.6.4 has an Observable Timing Discrepancy.
Mbed TLS through 3.6.4 has an Observable Timing Discrepancy.
Mbed TLS through 3.6.4 has an Observable Timing Discrepancy.