mbedtls: Update to 2.28.8

This contains a fix for: CVE-2024-28960: An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory. (cherry picked from commit 360ac07eb933feaf29bb031f788f0bf81c473be7) Link: https://github.com/openwrt/openwrt/pull/15899 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
author: Hauke Mehrtens 2024-04-21 15:40:09 +0000
committer: Hauke Mehrtens 2024-07-08 20:27:11 +0000
commit: 6ea1e214e73986abe9de3f61277426350e6c37e3 (patch)
tree: 59ad8b3f20f0be66a3d4a6a9e4aa77b62384ae25
parent: eb9eaeb60de82d870fcdae915d45570f6045df0a (diff)
download: openwrt-6ea1e214e73986abe9de3f61277426350e6c37e3.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/package/libs/mbedtls/Makefile b/package/libs/mbedtls/Makefile
index 828a7c1a0b..1a9f346680 100644
--- a/package/libs/mbedtls/Makefile
+++ b/package/libs/mbedtls/Makefile
@@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=mbedtls
-PKG_VERSION:=2.28.7
+PKG_VERSION:=2.28.8
 PKG_RELEASE:=1
 PKG_USE_MIPS16:=0
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/ARMmbed/mbedtls/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=1df6073f0cf6a4e1953890bf5e0de2a8c7e6be50d6d6c69fa9fefcb1d14e981a
+PKG_HASH:=4fef7de0d8d542510d726d643350acb3cdb9dc76ad45611b59c9aa08372b4213
 
 PKG_LICENSE:=GPL-2.0-or-later
 PKG_LICENSE_FILES:=gpl-2.0.txt
author	Hauke Mehrtens	2024-04-21 15:40:09 +0000
committer	Hauke Mehrtens	2024-07-08 20:27:11 +0000
commit	6ea1e214e73986abe9de3f61277426350e6c37e3 (patch)
tree	59ad8b3f20f0be66a3d4a6a9e4aa77b62384ae25
parent	eb9eaeb60de82d870fcdae915d45570f6045df0a (diff)
download	openwrt-6ea1e214e73986abe9de3f61277426350e6c37e3.tar.gz