Comment 6 for bug 1672686

This bug was fixed in the package mbedtls - 2.3.0-1ubuntu0.1

---------------
mbedtls (2.3.0-1ubuntu0.1) yakkety-security; urgency=medium

  * SECURITY UPDATE: Freeing of memory allocated on stack when validating
    a public key with a secp224k1 curve. (LP: #1672686)
    - debian/patches/CVE-2017-2784.patch: fix buffer size calculations in
      library/ecp_curves.c.
    - CVE-2017-2784

 -- James Cowgill <email address hidden> Fri, 17 Mar 2017 09:43:46 +0000