diff options
author | Eneas U de Queiroz <cotequeiroz@gmail.com> | 2019-08-05 11:52:08 -0300 |
---|---|---|
committer | Hauke Mehrtens <hauke@hauke-m.de> | 2019-08-17 17:00:10 +0200 |
commit | b35e1360cd4f1c9cab9aa219decedec99f948982 (patch) | |
tree | cd525754423e96995b2613c3ebb425f201d71d20 /include | |
parent | 3809b6662d7a5959c6a8958d7069978db79440d5 (diff) | |
download | upstream-b35e1360cd4f1c9cab9aa219decedec99f948982.tar.gz upstream-b35e1360cd4f1c9cab9aa219decedec99f948982.tar.bz2 upstream-b35e1360cd4f1c9cab9aa219decedec99f948982.zip |
wolfssl: bump to 4.1.0-stable
Always build AES-GCM support.
Unnecessary patches were removed.
This includes two vulnerability fixes:
CVE-2019-11873: a potential buffer overflow case with the TLSv1.3 PSK
extension parsing.
CVE-2019-13628 (currently assigned-only): potential leak of nonce sizes
when performing ECDSA signing operations. The leak is considered to be
difficult to exploit but it could potentially be used maliciously to
perform a lattice based timing attack.
This brings the package up-to-date with master, so it incorporates
changes from 4.0.0 in master:
* Removed options that can't be turned off because we're building with
--enable-stunnel, some of which affect hostapd's Config.in.
* Adjusted the title of OCSP option, as OCSP itself can't be turned off,
only the stapling part is selectable.
* Mark options turned on when wpad support is selected.
* Add building options for TLS 1.0, and TLS 1.3.
* Add hardware crypto support, which due to a bug, only works when CCM
support is turned off.
* Reorganized option conditionals in Makefile.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Diffstat (limited to 'include')
0 files changed, 0 insertions, 0 deletions