w1hkj / fldigi

Amateur Radio digital modem application [SF mirror]
http://www.w1hkj.com
GNU General Public License v3.0
108 stars 27 forks source link

Outdated Mbed-TLS sources with missing security patch (CVE-2019-16910) #43

Open Garnik645 opened 1 month ago

Garnik645 commented 1 month ago

Hello,

I noticed that the Fldigi project includes outdated Mbed-TLS sources, missing patches for the CVE-2019-16910. I strongly recommend updating the Mbed-TLS sources in the Fldigi project to the latest version available. This issue was detected by a tool designed in CAST.

Best regards, Garnik Khroyan