mbedTLS is an An open source, portable, easy to use, readable and flexible SSL library.
Affected versions of this package are vulnerable to Cryptographic Issues. A side-channel vulnerability in
base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX.
A fix was pushed into the
master branch but not yet published.