mirror/openwrt
1
0
Fork 1
mirror of https://git.openwrt.org/openwrt/openwrt.git synced 2026-01-28 03:37:17 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 6
openwrt/package/libs
History
Hauke Mehrtens 84b000e5d0 wolfssl: Update to version 5.7.2 
This fixes multiple security problems:
 * [Medium] CVE-2024-1544
   Potential ECDSA nonce side channel attack in versions of wolfSSL before 5.6.6 with wc_ecc_sign_hash calls.

 * [Medium] CVE-2024-5288
   A private key blinding operation, enabled by defining the macro WOLFSSL_BLIND_PRIVATE_KEY, was added to mitigate a potential row hammer attack on ECC operations.

 * [Low] When parsing a provided maliciously crafted certificate directly using wolfSSL API, outside of a TLS connection, a certificate with an excessively large number of extensions could lead to a potential DoS.

 * [Low] CVE-2024-5991
   In the function MatchDomainName(), input param str is treated as a NULL terminated string despite being user provided and unchecked.

 * [Medium] CVE-2024-5814
   A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection.

 * [Medium] OCSP stapling version 2 response verification bypass issue when a crafted response of length 0 is received.

 * [Medium] OCSP stapling version 2 revocation bypass with a retry of a TLS connection attempt.

Unset DISABLE_NLS to prevent setting the unsupported configuration
option --disable-nls which breaks the build now.

Link: https://github.com/openwrt/openwrt/pull/15948
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 3a0232ffd3)
2024-07-16 00:05:18 +02:00
..
argp-standalone treewide: opt-out of tree-wide LTO usage 2023-03-21 18:28:23 +01:00
elfutils treewide: replace PKG_USE_MIPS16:=0 with PKG_BUILD_FLAGS:=no-mips16 2023-03-21 18:28:22 +01:00
gettext-full gettext-full: link libiconv when building host pkg 2024-06-04 14:27:35 +02:00
gmp packages: assign PKG_CPE_ID for all missing packages 2023-09-27 22:37:01 +02:00
jansson treewide: add support for "lto" in PKG_BUILD_FLAGS 2023-03-21 18:28:22 +01:00
libaudit treewide: replace PKG_USE_MIPS16:=0 with PKG_BUILD_FLAGS:=no-mips16 2023-03-21 18:28:22 +01:00
libbpf packages: assign PKG_CPE_ID for all missing packages 2023-09-27 22:37:01 +02:00
libbsd packages: assign PKG_CPE_ID for all missing packages 2023-09-27 22:37:01 +02:00
libcap libcap: update to 2.69 2023-05-24 19:26:24 +01:00
libevent2 treewide: add support for "lto" in PKG_BUILD_FLAGS 2023-03-21 18:28:22 +01:00
libiconv-full libiconv-full: add host build 2022-07-17 14:21:03 +02:00
libjson-c package/libs/libjson-c: fix PKG_CPE_ID 2024-07-06 18:31:14 +02:00
libmd libmd: add library providing message digest functions 2022-09-11 01:30:11 +02:00
libmnl libmnl: add PKG_CPE_ID 2022-09-06 16:36:44 +01:00
libnetfilter-conntrack packages: assign PKG_CPE_ID for all missing packages 2023-09-27 22:37:01 +02:00
libnfnetlink libnfnetlink: add PKG_CPE_ID 2022-09-06 16:36:45 +01:00
libnftnl libnftnl: update to 1.2.6 2023-07-20 08:04:11 +02:00
libnl libnl: add support for cli 2023-11-05 12:22:47 +01:00
libnl-tiny libnl-tiny: update to latest Git HEAD 2023-07-27 12:06:02 +02:00
libpcap packages: assign PKG_CPE_ID for all missing packages 2023-09-27 22:37:01 +02:00
libselinux libselinux: opt-out of lto usage 2023-10-31 00:44:03 +01:00
libsemanage libsemanage: update to 3.5 2023-05-18 10:14:13 +02:00
libsepol libsepol: opt-out of lto usage 2023-10-31 00:44:03 +01:00
libtool libtool: update to 2.4.7 2022-07-10 19:07:47 +02:00
libtraceevent libtraceevent: update to 1.7.2 2023-04-01 22:02:24 +02:00
libtracefs libtracefs: update to 1.6.4 2023-01-13 22:02:20 +01:00
libubox libubox: update to the latest version 2023-06-12 22:10:18 +02:00
libunistring libunistring: add from packages feed 2023-05-15 16:14:41 +02:00
libunwind libunwind: update to 1.6.2 2022-09-07 04:22:40 +01:00
libusb treewide: replace AUTORELEASE with real PKG_RELEASE 2023-05-18 11:35:29 +02:00
libxml2 libxml2: add host build dependency on libiconv-full 2024-07-08 21:13:26 +02:00
mbedtls mbedtls: Update to 2.28.8 2024-07-08 21:13:26 +02:00
musl-fts musl-fts: remove shared libraries from host 2022-03-27 14:38:13 +02:00
ncurses ncurses: add alacritty terminfo 2023-02-26 01:12:02 +01:00
nettle nettle: update to 3.9.1 2023-08-27 23:49:27 +02:00
openssl openssl: conditionally disable engine section 2024-07-06 18:29:23 +02:00
pcre2 package/libs/pcre2: fix PKG_CPE_ID 2024-07-06 18:31:14 +02:00
popt treewide: Add extra CPE identifier 2023-09-27 22:37:13 +02:00
readline readline: update to 8.2 2022-10-23 18:16:22 +02:00
sysfsutils treewide: Add extra CPE identifier 2023-09-27 22:37:13 +02:00
toolchain toolchain: reproducible libstdcpp 2022-04-01 12:54:58 +01:00
uclient uclient: update to Git version 2023-04-13 2023-04-13 20:51:05 +02:00
ustream-ssl ustream-ssl: update to Git version 2023-02-25 2023-02-25 18:37:26 +01:00
wolfssl wolfssl: Update to version 5.7.2 2024-07-16 00:05:18 +02:00
zlib treewide: replace AUTORELEASE with real PKG_RELEASE 2023-05-18 11:35:29 +02:00