staging/dedeckeh/package/libs, branch master

openssl: fix low-severity CVE-2023-1255

2023-04-29T10:33:44Z

This applies commit 02ac9c94 to fix this OpenSSL Security Advisory issued on 20th April 2023[1]: Input buffer over-read in AES-XTS implementation on 64 bit ARM (CVE-2023-1255) ============================================================== Severity: Low Issue summary: The AES-XTS cipher decryption implementation for 64 bit ARM platform contains a bug that could cause it to read past the input buffer, leading to a crash. Impact summary: Applications that use the AES-XTS algorithm on the 64 bit ARM platform can crash in rare circumstances. The AES-XTS algorithm is usually used for disk encryption. The AES-XTS cipher decryption implementation for 64 bit ARM platform will read past the end of the ciphertext buffer if the ciphertext size is 4 mod 5 in 16 byte blocks, e.g. 144 bytes or 1024 bytes. If the memory after the ciphertext buffer is unmapped, this will trigger a crash which results in a denial of service. If an attacker can control the size and location of the ciphertext buffer being decrypted by an application using AES-XTS on 64 bit ARM, the application is affected. This is fairly unlikely making this issue a Low severity one. 1. https://www.openssl.org/news/secadv/20230420.txt Signed-off-by: Eneas U de Queiroz

libpcap: update to 1.10.4

2023-04-22T00:35:19Z

Changes: https://git.tcpdump.org/libpcap/blob/104271ba4a14de6743e43bcf87536786d8fddea4:/CHANGES Signed-off-by: Nick Hainke

uclient: update to Git version 2023-04-13

2023-04-13T18:51:05Z

007d94546749 uclient: cancel state change timeout in uclient_disconnect() 644d3c7e13c6 ci: improve wolfSSL test coverage dc54d2b544a1 tests: add certificate check against letsencrypt.org Signed-off-by: Matthias Schiffer

mbedtls: Update to version 2.28.3

2023-04-10T11:36:26Z

This only fixes minor problems. Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.3 The 100-fix-compile.patch patch was merged upstream, see: https://github.com/Mbed-TLS/mbedtls/issues/6243 https://github.com/Mbed-TLS/mbedtls/pull/7013 The code style of all files in mbedtls 2.28.3 was changed. I took a new version of the 100-x509-crt-verify-SAN-iPAddress.patch patch from this pull request: https://github.com/Mbed-TLS/mbedtls/pull/6475 Signed-off-by: Hauke Mehrtens

libcap: update to 2.68

2023-04-08T13:52:56Z

Release Notes: https://sites.google.com/site/fullycapable/release-notes-for-libcap#h.vdh3d47czmle Signed-off-by: Nick Hainke

openssl: fix CVE-2023-464 and CVE-2023-465

2023-04-07T09:26:26Z

Apply two patches fixing low-severity vulnerabilities related to certificate policies validation: - Excessive Resource Usage Verifying X.509 Policy Constraints (CVE-2023-0464) Severity: Low A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function. - Invalid certificate policies in leaf certificates are silently ignored (CVE-2023-0465) Severity: Low Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function. Note: OpenSSL also released a fix for low-severity security advisory CVE-2023-466. It is not included here because the fix only changes the documentation, which is not built nor included in any OpenWrt package. Due to the low-severity of these issues, there will be not be an immediate new release of OpenSSL. Signed-off-by: Eneas U de Queiroz

openssl: add legacy provider

2023-04-05T11:24:49Z

This adapts the engine build infrastructure to allow building providers, and packages the legacy provider. Providers are the successors of engines, which have been deprecated. The legacy provider supplies OpenSSL implementations of algorithms that have been deemed legacy, including DES, IDEA, MDC2, SEED, and Whirlpool. Even though these algorithms are implemented in a separate package, their removal makes the regular library smaller by 3%, so the build options will remain to allow lean custom builds. Their defaults will change to 'y' if not bulding for a small flash, so that the regular legacy package will contain a complete set of algorithms. The engine build and configuration structure was changed to accomodate providers, and adapt to the new style of openssl.cnf in version 3.0. There is not a clean upgrade path for the /etc/ssl/openssl.cnf file, installed by the openssl-conf package. It is recommended to rename or remove the old config file when flashing an image with the updated openssl-conf package, then apply the changes manually. An old openssl.cnf file will silently work, but new engine or provider packages will not be enabled. Any remaining engine config files under /etc/ssl/engines.cnf.d can be removed. On the build side, the include file used by engine packages was renamed to openssl-module.mk, so the engine packages in other feeds need to adapt. Signed-off-by: Eneas U de Queiroz

openssl: make UCI config aware of built-in engines

2023-04-05T11:24:49Z

Engines that are built into the main libcrypto OpenSSL library can't be disabled through UCI. Add a 'builtin' setting to signal that the engine can't be disabled through UCI, and show a message explaining this in case buitin=1 and enabled=0. Signed-off-by: Eneas U de Queiroz

openssl: avoid OPENSSL_SMALL_FOOTPRINT, no-asm

2023-04-05T11:24:49Z

Building openssl with OPENSSL_SMALL_FOOTPRINT yelds only from 1% to 3% decrease in size, dropping performance from 2% to 91%, depending on the target and algorithm. For example, using AES256-GCM with 1456-bytes operations, X86_64 appears to be the least affected with 2% performance penalty and 1% reduction in size; mips drops performance by 13%, size by 3%; Arm drops 29% in performance, 2% in size. On aarch64, it slows down ghash so much that I consider it broken (-91%). SMALL_FOOTPRINT will reduce AES256-GCM performance by 88%, and size by only 1%. It makes an AES-capable CPU run AES128-GCM at 35% of the speed of Chacha20-Poly1305: Block-size=1456 bytes AES256-GCM AES128-GCM ChaCha20-Poly1305 SMALL_FOOTPRINT 62014.44 65063.23 177090.50 regular 504220.08 565630.28 182706.16 OpenSSL 1.1.1 numbers are about the same, so this should have been noticed a long time ago. This creates an option to use OPENSSL_SMALL_FOOTPRINT, but it is turned off by default unless SMALL_FLASH or LOW_MEMORY_FOOTPRINT is used. Compiling with -O3 instead of -Os, for comparison, will increase size by about 14-15%, with no measureable effect on AES256-GCM performance, and about 2% increase in Chacha20-Poly1305 performance on Aarch64. There are no Arm devices with the small flash feature, so drop the conditional default. The package is built on phase2, so even if we include an Arm device with small flash later, a no-asm library would have to be built from source anyway. Signed-off-by: Eneas U de Queiroz

libnl-tiny: update to the latest version

2023-04-02T00:25:16Z

f5d9b7e libnl-tiny: fix duplicated branch in family.h 11b7c5f attr: add NLA_S* definitions Signed-off-by: Hauke Mehrtens