* [Buildroot] [git commit] polarssl: security bump to version 1.2.18
@ 2015-11-12 21:24 Peter Korsgaard
0 siblings, 0 replies; only message in thread
From: Peter Korsgaard @ 2015-11-12 21:24 UTC (permalink / raw)
To: buildroot
commit: http://git.buildroot.net/buildroot/commit/?id=3fe2eb9ed02070a648f75e0eb120ce45b1064c70
branch: http://git.buildroot.net/buildroot/commit/?id=refs/heads/master
Fixes a potential heap corruption on Windows when
mbedtls_x509_crt_parse_path() is passed a path longer than 2GB. This
cannot be triggered remotely. Found by Guido Vranken, Intelworks.
Fixes a potential buffer overflow in some asn1_write_xxx() functions.
This cannot be triggered remotely unless you create X.509 certificates
based on untrusted input or write keys of untrusted origin. Found by
Guido Vranken, Intelworks.
The X509 max_pathlen constraint was not enforced on intermediate
certificates. Found by Nicholas Wilson, and fix and tests provided by
Janos Follath.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
| 4 ++--
| 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
--git a/package/polarssl/polarssl.hash b/package/polarssl/polarssl.hash
index c203392..71f7c29 100644
--- a/package/polarssl/polarssl.hash
+++ b/package/polarssl/polarssl.hash
@@ -1,2 +1,2 @@
-# From https://tls.mbed.org/tech-updates/releases/mbedtls-2.1.2-and-1.3.14-and-polarssl-1.2.17-released
-sha256 9301d4ebec3eb45bc9f28f2d79bfdb0c3dd351c386aa6cc66643e1b2be274d52 polarssl-1.2.17-gpl.tgz
+# From https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.0-2.1.3-1.3.15-and-polarssl.1.2.18-released
+sha256 63c4ed4d9f6a241088e2287958f265403f874248d6a98b98f27cd3aa2f90f030 polarssl-1.2.18-gpl.tgz
--git a/package/polarssl/polarssl.mk b/package/polarssl/polarssl.mk
index aaa6759..c589ec7 100644
--- a/package/polarssl/polarssl.mk
+++ b/package/polarssl/polarssl.mk
@@ -5,7 +5,7 @@
################################################################################
POLARSSL_SITE = https://tls.mbed.org/code/releases
-POLARSSL_VERSION = 1.2.17
+POLARSSL_VERSION = 1.2.18
POLARSSL_SOURCE = polarssl-$(POLARSSL_VERSION)-gpl.tgz
POLARSSL_CONF_OPTS = \
-DENABLE_PROGRAMS=$(if $(BR2_PACKAGE_POLARSSL_PROGRAMS),ON,OFF)
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2015-11-12 21:24 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-11-12 21:24 [Buildroot] [git commit] polarssl: security bump to version 1.2.18 Peter Korsgaard
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.