projects / openwrt / openwrt.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9be3501) | patch
wolfssl: update to v4.2.0-stable
authorEneas U de Queiroz <cotequeiroz@gmail.com>
Wed, 6 Nov 2019 21:22:52 +0000 (18:22 -0300)
committerHauke Mehrtens <hauke@hauke-m.de>
Sun, 10 Nov 2019 15:23:08 +0000 (16:23 +0100)
commit6cabbe96468343c4896d397c729e73548bc7677f
tree844ffe31cf088878d8ccd9588ab3d46df7cd02fftree | snapshot
parent9be3501dc3fc5250941e00e4c1b8856d43a55000commit | diff
wolfssl: update to v4.2.0-stable

Many bugs were fixed--2 patches removed here.

This release of wolfSSL includes fixes for 5 security vulnerabilities,
including two CVEs with high/critical base scores:

- potential invalid read with TLS 1.3 PSK, including session tickets
- potential hang with ocspstaping2 (always enabled in openwrt)
- CVE-2019-15651: 1-byte overread when decoding certificate extensions
- CVE-2019-16748: 1-byte overread when checking certificate signatures
- DSA attack to recover DSA private keys

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit f4853f7cca816214cd6e64cffe2b73d0b8c16def)
package/libs/wolfssl/Makefile diff | blob | history
package/libs/wolfssl/patches/010-build-with-devcrypto-and-aesccm.patch [deleted file] blob | history
package/libs/wolfssl/patches/020-build-fix-for-aesccm-devcrypto-cbc-wpas-and-afalg.patch [deleted file] blob | history
OpenWrt Source Repository