diff options
author | Hauke Mehrtens <hauke@hauke-m.de> | 2018-03-04 20:38:00 +0100 |
---|---|---|
committer | Hauke Mehrtens <hauke@hauke-m.de> | 2018-03-10 18:37:04 +0100 |
commit | f609913b5c60f7c65c462730993cd1c752083fd6 (patch) | |
tree | ce2c463970296da66aba8cca0370abe810c78af8 /include/toplevel.mk | |
parent | 58a95f0f8ff768b43d68eed2b6a786e0f40f723b (diff) | |
download | upstream-f609913b5c60f7c65c462730993cd1c752083fd6.tar.gz upstream-f609913b5c60f7c65c462730993cd1c752083fd6.tar.bz2 upstream-f609913b5c60f7c65c462730993cd1c752083fd6.zip |
mbedtls: update to version 2.7.0
This fixes the following security problems:
* CVE-2018-0488: Risk of remote code execution when truncated HMAC is enabled
* CVE-2018-0487: Risk of remote code execution when verifying RSASSA-PSS signatures
This release is also ABI incompatible with the previous one, but it is
API compatible.
Some functions used by a lot of other software was renamed and the old
function names are provided as a static inline now, but they are only
active when deprecated functions are allowed, deactivate the removal of
deprecated functions for now.
Also increase the PKG_RELEASE version to force a rebuild and update of
packages depending on mbedtls to handle the changed ABI.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Diffstat (limited to 'include/toplevel.mk')
0 files changed, 0 insertions, 0 deletions