aboutsummaryrefslogtreecommitdiffstats
path: root/.gitignore
diff options
context:
space:
mode:
authorPetr Štetiar <ynezz@true.cz>2022-09-29 18:45:40 +0200
committerPetr Štetiar <ynezz@true.cz>2022-10-03 17:52:06 +0200
commitf1b7e1434f66a3cb09cb9e70b40add354a22e458 (patch)
tree982b4329af93348be164fc7fb4d6f05f2f78f651 /.gitignore
parent149fc3a269b435483b31df03d6fd9679286cf9e7 (diff)
downloadupstream-f1b7e1434f66a3cb09cb9e70b40add354a22e458.tar.gz
upstream-f1b7e1434f66a3cb09cb9e70b40add354a22e458.tar.bz2
upstream-f1b7e1434f66a3cb09cb9e70b40add354a22e458.zip
treewide: fix security issues by bumping all packages using libwolfssl
As wolfSSL is having hard time maintaining ABI compatibility between releases, we need to manually force rebuild of packages depending on libwolfssl and thus force their upgrade. Otherwise due to the ABI handling we would endup with possibly two libwolfssl libraries in the system, including the patched libwolfssl-5.5.1, but still have vulnerable services running using the vulnerable libwolfssl-5.4.0. So in order to propagate update of libwolfssl to latest stable release done in commit ec8fb542ec3e4 ("wolfssl: fix TLSv1.3 RCE in uhttpd by using 5.5.1-stable (CVE-2022-39173)") which fixes several remotely exploitable vulnerabilities, we need to bump PKG_RELEASE of all packages using wolfSSL library. Signed-off-by: Petr Štetiar <ynezz@true.cz>
Diffstat (limited to '.gitignore')
0 files changed, 0 insertions, 0 deletions