Merge pull request #1428 from Mbed-TLS/mbedtls-3.6.5rc0-pr

Mbedtls 3.6.5RC

Author: minosgalanakis

BRANCHES.md

@@ -108,7 +108,7 @@ The following branches are currently maintained:
 - [`development`](https://github.com/Mbed-TLS/mbedtls/)
 - [`mbedtls-3.6`](https://github.com/Mbed-TLS/mbedtls/tree/mbedtls-3.6)
  maintained until March 2027, see
-  <https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.6.3>.
+  <https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.6.5>.
 
 > Note: [**`mbedtls-2.28.10`**](https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.10)
 is the last release of the 2.28 LTS and won't receive bug fixes or security fixes anymore.

CMakeLists.txt

@@ -40,12 +40,12 @@ cmake_policy(SET CMP0012 NEW)
 if(TEST_CPP)
     project("Mbed TLS"
         LANGUAGES C CXX
-        VERSION 3.6.4
+        VERSION 3.6.5
     )
 else()
     project("Mbed TLS"
         LANGUAGES C
-        VERSION 3.6.4
+        VERSION 3.6.5
     )
 endif()
 
@@ -73,7 +73,7 @@ if(CMAKE_HOST_WIN32)
     # CMakeLists.txt.
     option(GEN_FILES "Generate the auto-generated files as needed" OFF) # off in development
 else()
-    option(GEN_FILES "Generate the auto-generated files as needed" ON)
+    option(GEN_FILES "Generate the auto-generated files as needed" OFF)
 endif()
 
 option(DISABLE_PACKAGE_CONFIG_AND_INSTALL "Disable package configuration, target export and installation" ${MBEDTLS_AS_SUBPROJECT})
@@ -476,7 +476,7 @@ if(NOT DISABLE_PACKAGE_CONFIG_AND_INSTALL)
     write_basic_package_version_file(
         "cmake/MbedTLSConfigVersion.cmake"
             COMPATIBILITY SameMajorVersion
-            VERSION 3.6.4)
+            VERSION 3.6.5)
 
     install(
         FILES "${CMAKE_CURRENT_BINARY_DIR}/cmake/MbedTLSConfig.cmake"

ChangeLog

@@ -1,5 +1,48 @@
 Mbed TLS ChangeLog (Sorted per branch, date)
 
+= Mbed TLS 3.6.5 branch released 2025-10-15
+
+API changes
+   * When building the library as a PSA client (MBEDTLS_PSA_CRYPTO_CLIENT
+     enabled and MBEDTLS_PSA_CRYPTO_C disabled), you need to provide the
+     function psa_can_do_cipher() in addition to psa_can_do_hash(). This
+     changed was made in Mbed TLS 3.6.0 but was not announced then.
+
+Features
+   * The new function mbedtls_cipher_finish_padded() is similar to
+     mbedtls_cipher_finish(), but makes it easier to process invalid-padding
+     conditions in constant time.
+
+Security
+   * Fix a timing side channel in CBC-PKCS7 decryption that could
+     allow an attacker who can submit chosen ciphertexts to recover
+     some plaintexts through a timing-based padding oracle attack.
+     Credits to Beat Heeb from Oberon microsystems AG. CVE-2025-59438
+   * Fix a local timing side-channel in modular inversion and GCD that was
+     exploitable in RSA key generation and other RSA operations (see the full
+     advisory for details), allowing a local attacker to fully recover the
+     private key. This can be exploited on some Arm-v9 CPUs by an unprivileged
+     attacker running code on the same core (SSBleed), or when Trustzone-M is
+     used, by the non-secure side abusing timer interrupts (M-Step), and
+     probably in other similar settings as well. Found and reported
+     independently by: SSBleed: Chang Liu (Tsinghua University) and Trevor E.
+     Carlson (National University of Singapore); M-Step: Cristiano Rodrigues
+     (University of Minho), Marton Bognar (DistriNet, KU Leuven), Sandro Pinto
+     (University of Minho), Jo Van Bulck (DistriNet, KU Leuven). CVE-2025-54764
+
+Bugfix
+    * Fix potential CMake parallel build failure when building both the static
+      and shared libraries.
+   * Fix a build error or incorrect TLS session
+     lifetime on platforms where mbedtls_time_t
+     is not time_t. Fixes #10236.
+
+Changes
+   * The function mbedtls_mpi_gcd() now always gives a non-negative output.
+     Previously the output was negative when B = 0 and A < 0, which was not
+     documented, and inconsistent as all other inputs resulted in a non-negative
+     output.
+
 = Mbed TLS 3.6.4 branch released 2025-06-30
 
 Features

ChangeLog.d/fix-dependency-on-generated-files.txt

@@ -71,7 +71,7 @@ generated_files: visualc_files
 # that lacks some of the necessary tools to re-generate the files.
 # If $(GEN_FILES) is non-empty, the generated source files' dependencies
 # are treated ordinarily, based on file timestamps.
-GEN_FILES ?= yes
+GEN_FILES ?=
 
 # In dependencies where the target is a configuration-independent generated
 # file, use `TARGET: $(gen_file_dep) DEPENDENCY1 DEPENDENCY2 ...`

ChangeLog.d/psa_can_do_cipher.txt

@@ -10,7 +10,7 @@
  */
 
 /**
- * @mainpage Mbed TLS v3.6.4 API Documentation
+ * @mainpage Mbed TLS v3.6.5 API Documentation
  *
  * This documentation describes the internal structure of Mbed TLS.  It was
  * automatically generated from specially formatted comment blocks in

ChangeLog.d/replace_time_t.txt

@@ -1,4 +1,4 @@
-PROJECT_NAME           = "Mbed TLS v3.6.4"
+PROJECT_NAME           = "Mbed TLS v3.6.5"
 OUTPUT_DIRECTORY       = ../apidoc/
 FULL_PATH_NAMES        = NO
 OPTIMIZE_OUTPUT_FOR_C  = YES