aboutsummaryrefslogtreecommitdiffstats
path: root/target/linux/cns21xx/patches-3.7
diff options
context:
space:
mode:
authorEneas U de Queiroz <cotequeiroz@gmail.com>2022-04-08 10:27:25 -0300
committerPetr Štetiar <ynezz@true.cz>2022-04-16 15:13:32 +0200
commit9ce6aa9d8d8a1147dcf03cb509cafb5fa7339a91 (patch)
tree4cfd9ffb4c3daf74995f408b8342092cfb90d45a /target/linux/cns21xx/patches-3.7
parent698cdf02020aa9855ab1000d6a359f816c76280e (diff)
downloadupstream-9ce6aa9d8d8a1147dcf03cb509cafb5fa7339a91.tar.gz
upstream-9ce6aa9d8d8a1147dcf03cb509cafb5fa7339a91.tar.bz2
upstream-9ce6aa9d8d8a1147dcf03cb509cafb5fa7339a91.zip
wolfssl: bump to 5.2.0
Fixes two high-severity vulnerabilities: - CVE-2022-25640: A TLS v1.3 server who requires mutual authentication can be bypassed. If a malicious client does not send the certificate_verify message a client can connect without presenting a certificate even if the server requires one. - CVE-2022-25638: A TLS v1.3 client attempting to authenticate a TLS v1.3 server can have its certificate heck bypassed. If the sig_algo in the certificate_verify message is different than the certificate message checking may be bypassed. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> Signed-off-by: Petr Štetiar <ynezz@true.cz> [ABI version change] (cherry picked from commit e89f3e85eb1c1d81294e5d430a91b0ba625e2ec0) (cherry picked from commit 2393b09b5906014047a14a79c03292429afcf408)
Diffstat (limited to 'target/linux/cns21xx/patches-3.7')
0 files changed, 0 insertions, 0 deletions