diff options
| author | Eneas U de Queiroz <cotequeiroz@gmail.com> | 2022-04-08 10:27:25 -0300 |
|---|---|---|
| committer | Hauke Mehrtens <hauke@hauke-m.de> | 2022-04-11 22:44:17 +0200 |
| commit | 2393b09b5906014047a14a79c03292429afcf408 (patch) | |
| tree | e0d663eb010bf50f000f8f54baeaf4476b90b7f8 /package/kernel | |
| parent | 50cb1cb2efa9cac3df1e6b73f5501b01c270e860 (diff) | |
| download | upstream-2393b09b5906014047a14a79c03292429afcf408.tar.gz upstream-2393b09b5906014047a14a79c03292429afcf408.tar.bz2 upstream-2393b09b5906014047a14a79c03292429afcf408.zip | |
wolfssl: bump to 5.2.0
Fixes two high-severity vulnerabilities:
- CVE-2022-25640: A TLS v1.3 server who requires mutual authentication
can be bypassed. If a malicious client does not send the
certificate_verify message a client can connect without presenting a
certificate even if the server requires one.
- CVE-2022-25638: A TLS v1.3 client attempting to authenticate a TLS
v1.3 server can have its certificate heck bypassed. If the sig_algo in
the certificate_verify message is different than the certificate
message checking may be bypassed.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit e89f3e85eb1c1d81294e5d430a91b0ba625e2ec0)
Diffstat (limited to 'package/kernel')
0 files changed, 0 insertions, 0 deletions