diff options
| author | Hauke Mehrtens <hauke@hauke-m.de> | 2018-03-04 20:38:00 +0100 |
|---|---|---|
| committer | Hauke Mehrtens <hauke@hauke-m.de> | 2018-03-10 18:37:04 +0100 |
| commit | f609913b5c60f7c65c462730993cd1c752083fd6 (patch) | |
| tree | ce2c463970296da66aba8cca0370abe810c78af8 /package/libs/ustream-ssl | |
| parent | 58a95f0f8ff768b43d68eed2b6a786e0f40f723b (diff) | |
| download | upstream-f609913b5c60f7c65c462730993cd1c752083fd6.tar.gz upstream-f609913b5c60f7c65c462730993cd1c752083fd6.tar.bz2 upstream-f609913b5c60f7c65c462730993cd1c752083fd6.zip | |
mbedtls: update to version 2.7.0
This fixes the following security problems:
* CVE-2018-0488: Risk of remote code execution when truncated HMAC is enabled
* CVE-2018-0487: Risk of remote code execution when verifying RSASSA-PSS signatures
This release is also ABI incompatible with the previous one, but it is
API compatible.
Some functions used by a lot of other software was renamed and the old
function names are provided as a static inline now, but they are only
active when deprecated functions are allowed, deactivate the removal of
deprecated functions for now.
Also increase the PKG_RELEASE version to force a rebuild and update of
packages depending on mbedtls to handle the changed ABI.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Diffstat (limited to 'package/libs/ustream-ssl')
| -rw-r--r-- | package/libs/ustream-ssl/Makefile | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/package/libs/ustream-ssl/Makefile b/package/libs/ustream-ssl/Makefile index ff6c4b7d01..b9b9e19dfb 100644 --- a/package/libs/ustream-ssl/Makefile +++ b/package/libs/ustream-ssl/Makefile @@ -1,7 +1,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=ustream-ssl -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL=$(LEDE_GIT)/project/ustream-ssl.git |