author: Hauke Mehrtens <hauke@hauke-m.de> 2022-01-29 11:56:27 +0100
committer: Hauke Mehrtens <hauke@hauke-m.de> 2022-02-12 19:42:08 +0100
commit: 32d50a1281a76fab45d6bce5ea0d1ac6ff74a78d (patch)
tree: 33cae00390219c23f21734f420fa68eaf1578ea0 /package/libs/mbedtls
parent: c6ddf8d5021d5262ecac8648d6ae849a47e1f0fb (diff)
mbedtls: Update to version 2.16.12
This fixes the following security problems:
* Zeroize several intermediate variables used to calculate the expected
  value when verifying a MAC or AEAD tag. This hardens the library in
  case the value leaks through a memory disclosure vulnerability. For
  example, a memory disclosure vulnerability could have allowed a
  man-in-the-middle to inject fake ciphertext into a DTLS connection.
* Fix a double-free that happened after mbedtls_ssl_set_session() or
  mbedtls_ssl_get_session() failed with MBEDTLS_ERR_SSL_ALLOC_FAILED
  (out of memory). After that, calling mbedtls_ssl_session_free()
  and mbedtls_ssl_free() would cause an internal session buffer to
  be free()'d twice. CVE-2021-44732

The sizes of the ipk changed on MIPS 24Kc like this:
182454 libmbedtls12_2.16.11-2_mips_24kc.ipk
182742 libmbedtls12_2.16.12-1_mips_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 57f38e2c827e3be71d8b1709073e366afe011985)
Diffstat (limited to 'package/libs/mbedtls')
-rw-r--r-- package/libs/mbedtls/Makefile 4
1 files changed, 2 insertions, 2 deletions
diff --git a/package/libs/mbedtls/Makefile b/package/libs/mbedtls/Makefile
index 58a60c3226..55ddbbaa51 100644
--- a/package/libs/mbedtls/Makefile
+++ b/package/libs/mbedtls/Makefile
@@ -8,13 +8,13 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=mbedtls
-PKG_VERSION:=2.16.11
+PKG_VERSION:=2.16.12
PKG_RELEASE:=$(AUTORELEASE)
PKG_USE_MIPS16:=0
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://codeload.github.com/ARMmbed/mbedtls/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=c18e7e9abf95e69e425260493720470021384a1728417042060a35d0b7b18b41
+PKG_HASH:=294871ab1864a65d0b74325e9219d5bcd6e91c34a3c59270c357bb9ae4d5c393
PKG_BUILD_PARALLEL:=1
PKG_LICENSE:=GPL-2.0-or-later
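Review bot: the new value on the `+PKG_HASH:=` line is the only integrity anchor for the tarball that PKG_SOURCE_URL pulls from codeload.github.com, which serves an archive generated from the tag rather than a signed release file, and the commit message does not record how the hash was obtained. Suggest adding a line to the message saying the hash was computed from a fresh download of the v2.16.12 tag and cross-checked against a second, independent fetch, so a reviewer can reproduce it before the version bump is trusted.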