* [Buildroot] [git commit branch/2022.08.x] package/wolfssl: security bump to version 5.5.2
From: Peter Korsgaard @ 2022-11-08 20:00 UTC
  To: buildroot

commit: https://git.buildroot.net/buildroot/commit/?id=70abf9b69b55d90a67158865b87fee81ffb5e731
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/2022.08.x

In the case that the WOLFSSL_CALLBACKS macro is set when building
wolfSSL, there is a potential heap over read of 5 bytes when handling
TLS 1.3 client connections. This heap over read is limited to wolfSSL
builds explicitly setting the macro WOLFSSL_CALLBACKS, the feature does
not get turned on by any other build options. The macro
WOLFSSL_CALLBACKS is intended for debug use only, but if having it
enabled in production, users are recommended to disable
WOLFSSL_CALLBACKS. Users enabling WOLFSSL_CALLBACKS are recommended to
update their version of wolfSSL. CVE 2022-42905

https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.2-stable

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 18b5d6205db7547d633d6ac4ea8ba4fdd81ecc35)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 package/wolfssl/wolfssl.hash | 2 +-
 package/wolfssl/wolfssl.mk   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/package/wolfssl/wolfssl.hash b/package/wolfssl/wolfssl.hash
index 3849ffb9fc..65d77ca659 100644
--- a/package/wolfssl/wolfssl.hash
+++ b/package/wolfssl/wolfssl.hash
@@ -1,5 +1,5 @@
 # Locally computed:
-sha256  97339e6956c90e7c881ba5c748dd04f7c30e5dbe0c06da765418c51375a6dee3  wolfssl-5.5.1.tar.gz
+sha256  49c6195462cae034efe6c86268824ba515682508a5f5199358d56a4168a82cf0  wolfssl-5.5.2.tar.gz
 
 # Hash for license files:
 sha256  8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  COPYING
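Review bot: The new tarball sum on the wolfssl-5.5.2.tar.gz line sits under "# Locally computed:", so the only integrity reference for this security bump is a hash generated from whatever archive the submitter downloaded. If upstream publishes a checksum or signature for the v5.5.2-stable release, say in that comment where the value was cross-checked; if it does not, the comment is accurate as written. The COPYING hash is unchanged in the context lines, which is consistent with no license text change between 5.5.1 and 5.5.2.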
diff --git a/package/wolfssl/wolfssl.mk b/package/wolfssl/wolfssl.mk
index 95d4f47952..d9fa72ccf4 100644
--- a/package/wolfssl/wolfssl.mk
+++ b/package/wolfssl/wolfssl.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-WOLFSSL_VERSION = 5.5.1
+WOLFSSL_VERSION = 5.5.2
 WOLFSSL_SITE = $(call github,wolfSSL,wolfssl,v$(WOLFSSL_VERSION)-stable)
 WOLFSSL_INSTALL_STAGING = YES
 
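Review bot: The WOLFSSL_VERSION = 5.5.2 bump carries the fix, but the commit message does not say whether Buildroot's wolfssl build ever defines WOLFSSL_CALLBACKS, which the quoted advisory names as the only affected configuration. One line in the log stating that would tell 2022.08.x users whether they were exposed or whether this is a precautionary bump. The identifier is also written "CVE 2022-42905"; the hyphenated form "CVE-2022-42905" is what a search of the git log for the CVE ID would match.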