projects / openwrt / openwrt.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ff076f8) | patch
wolfssl: Backport fix for CVE-2021-3336
authorHauke Mehrtens <hauke@hauke-m.de>
Mon, 8 Feb 2021 23:53:09 +0000 (00:53 +0100)
committerHauke Mehrtens <hauke@hauke-m.de>
Tue, 9 Feb 2021 22:12:49 +0000 (23:12 +0100)
commit1f559cafe5cc1193a5962d40a2d938c66c783171
treea543aaa864e53d2421fe201d0e8193650b29a56atree | snapshot
parentff076f873f3bb01e4613f925315ae73c76a2d914commit | diff
wolfssl: Backport fix for CVE-2021-3336

This should fix CVE-2021-3336:
DoTls13CertificateVerify in tls13.c in wolfSSL through 4.6.0 does not
cease processing for certain anomalous peer behavior (sending an
ED22519, ED448, ECC, or RSA signature without the corresponding
certificate).

The patch is backported from the upstream wolfssl development branch.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
package/libs/wolfssl/Makefile diff | blob | history
package/libs/wolfssl/patches/010-CVE-2021-3336.patch [new file with mode: 0644] blob
OpenWrt Source Repository