projects / openwrt / staging / dedeckeh.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9fa061a) | patch
wolfssl: update to v4.2.0-stable
authorEneas U de Queiroz <cotequeiroz@gmail.com>
Wed, 6 Nov 2019 21:22:52 +0000 (18:22 -0300)
committerDaniel Golle <daniel@makrotopia.org>
Wed, 6 Nov 2019 22:23:53 +0000 (23:23 +0100)
commitf4853f7cca816214cd6e64cffe2b73d0b8c16def
treee7beacf13fd3a3340f96d400eea9670695c51715tree | snapshot
parent9fa061a7d34b20faaa70705ae5e6556d2650d83fcommit | diff
wolfssl: update to v4.2.0-stable

Many bugs were fixed--2 patches removed here.

This release of wolfSSL includes fixes for 5 security vulnerabilities,
including two CVEs with high/critical base scores:

- potential invalid read with TLS 1.3 PSK, including session tickets
- potential hang with ocspstaping2 (always enabled in openwrt)
- CVE-2019-15651: 1-byte overread when decoding certificate extensions
- CVE-2019-16748: 1-byte overread when checking certificate signatures
- DSA attack to recover DSA private keys

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
package/libs/wolfssl/Makefile diff | blob | history
package/libs/wolfssl/patches/010-build-with-devcrypto-and-aesccm.patch [deleted file] blob | history
package/libs/wolfssl/patches/020-build-fix-for-aesccm-devcrypto-cbc-wpas-and-afalg.patch [deleted file] blob | history
Staging tree of dedeckeh