mirror/openwrt
1
0
Fork 1
mirror of https://git.openwrt.org/openwrt/openwrt.git synced 2026-03-14 23:09:45 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
openwrt/package/libs/wolfssl/patches
History
Eneas U de Queiroz 9ce6aa9d8d wolfssl: bump to 5.2.0 
Fixes two high-severity vulnerabilities:

- CVE-2022-25640: A TLS v1.3 server who requires mutual authentication
  can be bypassed.  If a malicious client does not send the
  certificate_verify message a client can connect without presenting a
  certificate even if the server requires one.

- CVE-2022-25638: A TLS v1.3 client attempting to authenticate a TLS
  v1.3 server can have its certificate heck bypassed. If the sig_algo in
  the certificate_verify message is different than the certificate
  message checking may be bypassed.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz> [ABI version change]
(cherry picked from commit e89f3e85eb)
(cherry picked from commit 2393b09b59)
2022-04-16 15:13:32 +02:00
..
100-disable-hardening-check.patch wolfssl: bump to 5.2.0 2022-04-16 15:13:32 +02:00
110-build-with-libtool-2.4.patch wolfssl: bump to 5.1.1-stable 2022-02-21 07:37:57 +01:00
200-ecc-rng.patch wolfssl: bump to 5.2.0 2022-04-16 15:13:32 +02:00
300-fix-SSL_get_verify_result-regression.patch wolfssl: bump to 5.2.0 2022-04-16 15:13:32 +02:00