diff options
author | Eneas U de Queiroz <cotequeiroz@gmail.com> | 2019-11-06 18:22:52 -0300 |
---|---|---|
committer | Hauke Mehrtens <hauke@hauke-m.de> | 2019-11-10 16:23:08 +0100 |
commit | 6cabbe96468343c4896d397c729e73548bc7677f (patch) | |
tree | 844ffe31cf088878d8ccd9588ab3d46df7cd02ff /package/boot/uboot-lantiq/patches/0016-net-add-driver-for-Lantiq-XWAY-ARX100-switch.patch | |
parent | 9be3501dc3fc5250941e00e4c1b8856d43a55000 (diff) | |
download | upstream-6cabbe96468343c4896d397c729e73548bc7677f.tar.gz upstream-6cabbe96468343c4896d397c729e73548bc7677f.tar.bz2 upstream-6cabbe96468343c4896d397c729e73548bc7677f.zip |
wolfssl: update to v4.2.0-stable
Many bugs were fixed--2 patches removed here.
This release of wolfSSL includes fixes for 5 security vulnerabilities,
including two CVEs with high/critical base scores:
- potential invalid read with TLS 1.3 PSK, including session tickets
- potential hang with ocspstaping2 (always enabled in openwrt)
- CVE-2019-15651: 1-byte overread when decoding certificate extensions
- CVE-2019-16748: 1-byte overread when checking certificate signatures
- DSA attack to recover DSA private keys
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit f4853f7cca816214cd6e64cffe2b73d0b8c16def)
Diffstat (limited to 'package/boot/uboot-lantiq/patches/0016-net-add-driver-for-Lantiq-XWAY-ARX100-switch.patch')
0 files changed, 0 insertions, 0 deletions