* [Buildroot] [git commit branch/2024.02.x] package/mbedtls: security bump to version 2.28.8
@ 2024-04-28 14:29 Peter Korsgaard
0 siblings, 0 replies; only message in thread
From: Peter Korsgaard @ 2024-04-28 14:29 UTC (permalink / raw)
To: buildroot
commit: https://git.buildroot.net/buildroot/commit/?id=ee27dfff40c4e9c6a084c1f64e7604a02ff3ff1c
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/2024.02.x
- Use official tar.bz2 tarball
- Fix CVE-2024-28960
https://github.com/Mbed-TLS/mbedtls-docs/blob/main/security-advisories/mbedtls-security-advisory-2024-03.md
https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.8
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit ea8f0d72b305913d3349c6ab6899f653d68d1820)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
package/mbedtls/mbedtls.hash | 4 ++--
package/mbedtls/mbedtls.mk | 5 +++--
2 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/package/mbedtls/mbedtls.hash b/package/mbedtls/mbedtls.hash
index 3ec151a859..5466b0e7de 100644
--- a/package/mbedtls/mbedtls.hash
+++ b/package/mbedtls/mbedtls.hash
@@ -1,4 +1,4 @@
-# From https://github.com/ARMmbed/mbedtls/releases/tag/v2.28.7:
-sha256 1df6073f0cf6a4e1953890bf5e0de2a8c7e6be50d6d6c69fa9fefcb1d14e981a mbedtls-2.28.7.tar.gz
+# From https://github.com/ARMmbed/mbedtls/releases/tag/v2.28.8:
+sha256 241c68402cef653e586be3ce28d57da24598eb0df13fcdea9d99bfce58717132 mbedtls-2.28.8.tar.bz2
# Locally calculated
sha256 9b405ef4c89342f5eae1dd828882f931747f71001cfba7d114801039b52ad09b LICENSE
diff --git a/package/mbedtls/mbedtls.mk b/package/mbedtls/mbedtls.mk
index cdb4aef4f4..9757b8b080 100644
--- a/package/mbedtls/mbedtls.mk
+++ b/package/mbedtls/mbedtls.mk
@@ -4,8 +4,9 @@
#
################################################################################
-MBEDTLS_VERSION = 2.28.7
-MBEDTLS_SITE = $(call github,ARMmbed,mbedtls,v$(MBEDTLS_VERSION))
+MBEDTLS_VERSION = 2.28.8
+MBEDTLS_SITE = https://github.com/Mbed-TLS/mbedtls/releases/download/v$(MBEDTLS_VERSION)
+MBEDTLS_SOURCE = mbedtls-$(MBEDTLS_VERSION).tar.bz2
MBEDTLS_CONF_OPTS = \
-DCMAKE_C_FLAGS="$(TARGET_CFLAGS) -std=c99" \
-DENABLE_PROGRAMS=$(if $(BR2_PACKAGE_MBEDTLS_PROGRAMS),ON,OFF) \
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2024-04-28 15:10 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-04-28 14:29 [Buildroot] [git commit branch/2024.02.x] package/mbedtls: security bump to version 2.28.8 Peter Korsgaard
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.