diff options
author | Eneas U de Queiroz <cotequeiroz@gmail.com> | 2019-11-06 18:22:52 -0300 |
---|---|---|
committer | Daniel Golle <daniel@makrotopia.org> | 2019-11-06 23:23:53 +0100 |
commit | f4853f7cca816214cd6e64cffe2b73d0b8c16def (patch) | |
tree | e7beacf13fd3a3340f96d400eea9670695c51715 /scripts/flashing | |
parent | 9fa061a7d34b20faaa70705ae5e6556d2650d83f (diff) | |
download | upstream-f4853f7cca816214cd6e64cffe2b73d0b8c16def.tar.gz upstream-f4853f7cca816214cd6e64cffe2b73d0b8c16def.tar.bz2 upstream-f4853f7cca816214cd6e64cffe2b73d0b8c16def.zip |
wolfssl: update to v4.2.0-stable
Many bugs were fixed--2 patches removed here.
This release of wolfSSL includes fixes for 5 security vulnerabilities,
including two CVEs with high/critical base scores:
- potential invalid read with TLS 1.3 PSK, including session tickets
- potential hang with ocspstaping2 (always enabled in openwrt)
- CVE-2019-15651: 1-byte overread when decoding certificate extensions
- CVE-2019-16748: 1-byte overread when checking certificate signatures
- DSA attack to recover DSA private keys
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Diffstat (limited to 'scripts/flashing')
0 files changed, 0 insertions, 0 deletions