* [Buildroot] [git commit] polarssl: security bump to version 1.2.18
@ 2015-11-12 21:24 Peter Korsgaard
From: Peter Korsgaard @ 2015-11-12 21:24 UTC (permalink / raw)
  To: buildroot

commit: http://git.buildroot.net/buildroot/commit/?id=3fe2eb9ed02070a648f75e0eb120ce45b1064c70
branch: http://git.buildroot.net/buildroot/commit/?id=refs/heads/master

Fixes a potential heap corruption on Windows when
mbedtls_x509_crt_parse_path() is passed a path longer than 2GB. This
cannot be triggered remotely. Found by Guido Vranken, Intelworks.

Fixes a potential buffer overflow in some asn1_write_xxx() functions.
This cannot be triggered remotely unless you create X.509 certificates
based on untrusted input or write keys of untrusted origin. Found by
Guido Vranken, Intelworks.

The X509 max_pathlen constraint was not enforced on intermediate
certificates. Found by Nicholas Wilson, and fix and tests provided by
Janos Follath.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 package/polarssl/polarssl.hash |    4 ++--
 package/polarssl/polarssl.mk   |    2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package/polarssl/polarssl.hash b/package/polarssl/polarssl.hash
index c203392..71f7c29 100644
--- a/package/polarssl/polarssl.hash
+++ b/package/polarssl/polarssl.hash
@@ -1,2 +1,2 @@
-# From https://tls.mbed.org/tech-updates/releases/mbedtls-2.1.2-and-1.3.14-and-polarssl-1.2.17-released
-sha256	9301d4ebec3eb45bc9f28f2d79bfdb0c3dd351c386aa6cc66643e1b2be274d52	polarssl-1.2.17-gpl.tgz
+# From https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.0-2.1.3-1.3.15-and-polarssl.1.2.18-released
+sha256	63c4ed4d9f6a241088e2287958f265403f874248d6a98b98f27cd3aa2f90f030	polarssl-1.2.18-gpl.tgz
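Review bot: The added `# From` comment in polarssl.hash points at a URL containing `polarssl.1.2.18` (a dot), where the removed line's URL used `polarssl-1.2.17` (a hyphen). Please confirm the new link resolves, since this comment is the only record of where the sha256 was taken from. The hash also comes from the same upstream site (tls.mbed.org) that POLARSSL_SITE downloads the tarball from, so it protects against a corrupted or later-modified download rather than against a compromise of upstream itself; if upstream publishes a signature for this release, a note that it was checked would strengthen the provenance.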
diff --git a/package/polarssl/polarssl.mk b/package/polarssl/polarssl.mk
index aaa6759..c589ec7 100644
--- a/package/polarssl/polarssl.mk
+++ b/package/polarssl/polarssl.mk
@@ -5,7 +5,7 @@
 ################################################################################
 
 POLARSSL_SITE = https://tls.mbed.org/code/releases
-POLARSSL_VERSION = 1.2.17
+POLARSSL_VERSION = 1.2.18
 POLARSSL_SOURCE = polarssl-$(POLARSSL_VERSION)-gpl.tgz
 POLARSSL_CONF_OPTS = \
 	-DENABLE_PROGRAMS=$(if $(BR2_PACKAGE_POLARSSL_PROGRAMS),ON,OFF)
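Review bot: The one-line change to POLARSSL_VERSION is fine, but the commit message does not say which of the three listed fixes matter for Buildroot users. The first is described as Windows-only, which leaves the asn1_write_xxx() overflow and the max_pathlen enforcement on intermediate certificates as the ones that apply to Linux targets. Suggest stating that in the log and pointing at the upstream release announcement (already cited in polarssl.hash) so that anyone deciding whether to backport this bump can judge urgency from the commit alone.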
