SW/openwrt
2
0
Fork 0
forked from Ivasoft/openwrt
Code Pull Requests Activity

wolfssl: bump to 5.2.0

Browse Source 
Fixes two high-severity vulnerabilities:

- CVE-2022-25640: A TLS v1.3 server who requires mutual authentication
  can be bypassed.  If a malicious client does not send the
  certificate_verify message a client can connect without presenting a
  certificate even if the server requires one.

- CVE-2022-25638: A TLS v1.3 client attempting to authenticate a TLS
  v1.3 server can have its certificate heck bypassed. If the sig_algo in
  the certificate_verify message is different than the certificate
  message checking may be bypassed.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit e89f3e85eb)
This commit is contained in:
Eneas U de Queiroz
2022-04-08 10:27:25 -03:00
committed by Hauke Mehrtens
parent 99b00edf35
commit c5ef62a218
4 changed files with 7 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
package/libs/wolfssl/Makefile
View File

@@ -8,12 +8,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=wolfssl
PKG_VERSION:=5.1.1-stable
PKG_VERSION:=5.2.0-stable
PKG_RELEASE:=$(AUTORELEASE)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/wolfSSL/wolfssl/archive/v$(PKG_VERSION)
PKG_HASH:=d3e0544dbe7e9587c0f6538cdc671b6492663bb7a4281819538abe6c99cdbd92
PKG_HASH:=409b4646c5f54f642de0e9f3544c3b83de7238134f5b1ff93fb44527bf119d05
PKG_FIXUP:=libtool libtool-abiver
PKG_INSTALL:=1