doc: release-notes: notify about Mbed TLS version upgrade

valeriosetti · valeriosetti · commit 6c91bfbaa26e · 2025-11-04T09:59:39.000+01:00
Add a note about Mbed TLS version upgrade from 3.6.4 to 3.6.5.
Update also the CVE list accordingly.

Signed-off-by: Valerio Setti &lt;vsetti@baylibre.com&gt;
diff --git a/doc/releases/release-notes-4.4.rst b/doc/releases/release-notes-4.4.rst
@@ -41,6 +41,13 @@ The following sections provide detailed lists of changes by component.
 Security Vulnerability Related
 ******************************
 
+The following CVEs are addressed by this release:
+
+:cve:`2025-59438` `Padding oracle through timing of cipher error reporting
+    <https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-10-invalid-padding-error/>`_
+:cve:`2025-54764` `Side channel in RSA key generation and operations (SSBleed, M-Step)
+    <https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-10-ssbleed-mstep/>`_
+
 API Changes
 ***********
 
@@ -100,6 +107,11 @@ New Samples
 Libraries / Subsystems
 **********************
 
+* Updated Mbed TLS from version 3.6.4 to version 3.6.5. Release notes for this
+  release can be found at the following link:
+
+  * https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.6.5
+
 Other notable changes
 *********************
 
