wolfssl: fixes for CVE-2018-16870 & CVE-2019-13628
author Eneas U de Queiroz <cotequeiroz@gmail.com>
Mon, 5 Aug 2019 17:45:41 +0000 (14:45 -0300)
committer Hauke Mehrtens <hauke@hauke-m.de>
Sat, 17 Aug 2019 15:23:17 +0000 (17:23 +0200)
commit 2df2b75208dce06dee02508c8d589fc5f540023d
tree 6ffd3d40a1af5a5f4cd19e2d3b8dda5739714864
parent 09bdc144197fe656f16d691d649ae08b36b4b126
wolfssl: fixes for CVE-2018-16870 & CVE-2019-13628

CVE-2018-16870: medium-severity, new variant of the Bleichenbacher
attack to perform downgrade attacks against TLS, which may lead to
leakage of sensible data. Backported from 3.15.7.

CVE-2019-13628 (currently assigned-only): potential leak of nonce sizes
when performing ECDSA signing operations. The leak is considered to be
difficult to exploit but it could potentially be used maliciously to
perform a lattice-based timing attack. Backported from 4.1.0.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
package/libs/wolfssl/Makefile
package/libs/wolfssl/patches/010-Make-RsaUnPad-constant-time-when-Block-Type-2-messag.patch [new file with mode: 0644]
package/libs/wolfssl/patches/020-Improve-nonce-use-in-ECC-mulmod.patch [new file with mode: 0644]
package/libs/wolfssl/patches/900-remove-broken-autoconf-macros.patch