It was fixed in versions Mbed TLS 2.24.0, 2.16.8 and 2.7.17.
We have a security advisory discussing this issue in detail:
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-09-1
Best regards,
Janos
From: Sawyer Liu <sawyer.liu@nxp.com>
Date: Wednesday, 28 October 2020 at 09:54
To: Janos Follath <Janos.Follath@arm.com>
Cc: "mbed-tls@lists.trustedfirmware.org" <mbed-tls@lists.trustedfirmware.org>
Subject: Re: [EXT] Re: [mbed-tls] About mbedtls CVE
Thanks Janos. Could you tell me which version has fixed CVE-2020-16150?
在 2020年10月28日,17:40,Janos Follath
<Janos.Follath@arm.com>
写道:
CVE-2020-16150