aboutsummaryrefslogtreecommitdiffstats
path: root/package/devel
diff options
context:
space:
mode:
authorHauke Mehrtens <hauke@hauke-m.de>2020-08-24 12:11:29 +0200
committerHauke Mehrtens <hauke@hauke-m.de>2020-09-02 15:46:42 +0200
commit403039c562e16f4242e3485d8f076ea726dd8744 (patch)
tree51fdbbf8e1dcb900139ace6e670ee44db90fe5dc /package/devel
parentdc61110adc6cf579d971ffd032aed677d91da674 (diff)
downloadupstream-403039c562e16f4242e3485d8f076ea726dd8744.tar.gz
upstream-403039c562e16f4242e3485d8f076ea726dd8744.tar.bz2
upstream-403039c562e16f4242e3485d8f076ea726dd8744.zip
wolfssl: Update to version 4.5.0
This fixes the following security problems: * In earlier versions of wolfSSL there exists a potential man in the middle attack on TLS 1.3 clients. * Denial of service attack on TLS 1.3 servers from repetitively sending ChangeCipherSpecs messages. (CVE-2020-12457) * Potential cache timing attacks on public key operations in builds that are not using SP (single precision). (CVE-2020-15309) * When using SGX with EC scalar multiplication the possibility of side- channel attacks are present. * Leak of private key in the case that PEM format private keys are bundled in with PEM certificates into a single file. * During the handshake, clear application_data messages in epoch 0 are processed and returned to the application. Full changelog: https://www.wolfssl.com/docs/wolfssl-changelog/ Fix a build error on big endian systems by backporting a pull request: https://github.com/wolfSSL/wolfssl/pull/3255 The size of the ipk increases on mips BE by 1.4% old: libwolfssl24_4.4.0-stable-2_mips_24kc.ipk: 386246 new: libwolfssl24_4.5.0-stable-1_mips_24kc.ipk: 391528 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 00722a720c778e623d6f37af3a3b4e43b29c3fe8)
Diffstat (limited to 'package/devel')
0 files changed, 0 insertions, 0 deletions