Sign me up Login

Details about package mbedtls

Name: mbedtls (PTS)
Uploader: Andrea Pappacoda <andrea@pappacoda.it> (Debian QA page)
Description: libmbedtls-dev - lightweight crypto and SSL/TLS library - development files
libmbedcrypto3 - lightweight crypto and SSL/TLS library - crypto library
libmbedtls12 - lightweight crypto and SSL/TLS library - tls library
libmbedx509-0 - lightweight crypto and SSL/TLS library - x509 certificate library
libmbedtls-doc - lightweight crypto and SSL/TLS library - documentation

Package uploads

Upload #1

Information

Version: 2.16.12-0+deb11u1
Uploaded: 2022-02-20 11:30
Source package: mbedtls_2.16.12-0+deb11u1.dsc
Distribution: bullseye
Section: libs
Priority: optional
Homepage: https://github.com/ARMmbed/mbedtls
Vcs-Git: https://salsa.debian.org/debian/mbedtls.git
Vcs-Browser: https://salsa.debian.org/debian/mbedtls

Changelog

 mbedtls (2.16.12-0+deb11u1) bullseye; urgency=medium
 .
   * New upstream version 2.16.12
     - CVE-2021-44732 fixed in version 2.16.12
     - CVE-2021-24119 fixed in version 2.16.10
   * CVE-2020-36477 never affected the 2.16 branch
   * Add d/upstream/metadata

QA information

Comments

  1. CVE-2021-43666 can be added in the changelog.
    Bastian Germann at April 6, 2022, 1:56 p.m.
  2. Please clarify with the release and/or security team if they are okay with a new upstream version over backporting the patches to 2.16.9. Then report here on their decision.
    Bastian Germann at April 16, 2022, 12:02 p.m.