aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--package/libs/mbedtls/Makefile2
-rw-r--r--package/libs/mbedtls/patches/200-config.patch9
2 files changed, 10 insertions, 1 deletions
diff --git a/package/libs/mbedtls/Makefile b/package/libs/mbedtls/Makefile
index 4cceb743d5..101324de07 100644
--- a/package/libs/mbedtls/Makefile
+++ b/package/libs/mbedtls/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=mbedtls
PKG_VERSION:=2.5.1
-PKG_RELEASE:=1
+PKG_RELEASE:=2
PKG_USE_MIPS16:=0
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-gpl.tgz
diff --git a/package/libs/mbedtls/patches/200-config.patch b/package/libs/mbedtls/patches/200-config.patch
index 39de3cc1ec..fb5a74fc65 100644
--- a/package/libs/mbedtls/patches/200-config.patch
+++ b/package/libs/mbedtls/patches/200-config.patch
@@ -269,3 +269,12 @@
/* \} name SECTION: mbed TLS modules */
+@@ -2646,7 +2646,7 @@
+ * recommended because of it is possible to generte SHA-1 collisions, however
+ * this may be safe for legacy infrastructure where additional controls apply.
+ */
+-// #define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
++#define MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
+
+ /**
+ * Allow SHA-1 in the default TLS configuration for TLS 1.2 handshake
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-28 21:27:08 +0000