* [Buildroot] [PATCH 1/1] package/wolfssl: security bump to version 4.7.0
@ 2021-03-06 16:14 Fabrice Fontaine
2021-03-06 19:25 ` Peter Korsgaard
2021-03-16 22:20 ` Peter Korsgaard
0 siblings, 2 replies; 3+ messages in thread
From: Fabrice Fontaine @ 2021-03-06 16:14 UTC (permalink / raw)
To: buildroot
Fix CVE-2021-3336: DoTls13CertificateVerify in tls13.c in wolfSSL before
4.7.0 does not cease processing for certain anomalous peer behavior
(sending an ED22519, ED448, ECC, or RSA signature without the
corresponding certificate). The client side is affected because
man-in-the-middle attackers can impersonate TLS 1.3 servers.
https://github.com/wolfSSL/wolfssl/releases/tag/v4.7.0-stable
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
package/wolfssl/wolfssl.hash | 2 +-
package/wolfssl/wolfssl.mk | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/wolfssl/wolfssl.hash b/package/wolfssl/wolfssl.hash
index f5a25fe980..05fee25b6b 100644
--- a/package/wolfssl/wolfssl.hash
+++ b/package/wolfssl/wolfssl.hash
@@ -1,5 +1,5 @@
# Locally computed:
-sha256 053aefbb02d0b06b27c5e2df6875b4b587318755b7db9d6aa8d72206b310a848 wolfssl-4.6.0-stable.tar.gz
+sha256 b0e740b31d4d877d540ad50cc539a8873fc41af02bd3091c4357b403f7106e31 wolfssl-4.7.0-stable.tar.gz
# Hash for license files:
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING
diff --git a/package/wolfssl/wolfssl.mk b/package/wolfssl/wolfssl.mk
index d66a1c2800..fe21ddcd4f 100644
--- a/package/wolfssl/wolfssl.mk
+++ b/package/wolfssl/wolfssl.mk
@@ -4,7 +4,7 @@
#
################################################################################
-WOLFSSL_VERSION = 4.6.0-stable
+WOLFSSL_VERSION = 4.7.0-stable
WOLFSSL_SITE = $(call github,wolfSSL,wolfssl,v$(WOLFSSL_VERSION))
WOLFSSL_INSTALL_STAGING = YES
--
2.30.0
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [Buildroot] [PATCH 1/1] package/wolfssl: security bump to version 4.7.0
2021-03-06 16:14 [Buildroot] [PATCH 1/1] package/wolfssl: security bump to version 4.7.0 Fabrice Fontaine
@ 2021-03-06 19:25 ` Peter Korsgaard
2021-03-16 22:20 ` Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Peter Korsgaard @ 2021-03-06 19:25 UTC (permalink / raw)
To: buildroot
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes:
> Fix CVE-2021-3336: DoTls13CertificateVerify in tls13.c in wolfSSL before
> 4.7.0 does not cease processing for certain anomalous peer behavior
> (sending an ED22519, ED448, ECC, or RSA signature without the
> corresponding certificate). The client side is affected because
> man-in-the-middle attackers can impersonate TLS 1.3 servers.
> https://github.com/wolfSSL/wolfssl/releases/tag/v4.7.0-stable
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Committed, thanks.
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 3+ messages in thread
* [Buildroot] [PATCH 1/1] package/wolfssl: security bump to version 4.7.0
2021-03-06 16:14 [Buildroot] [PATCH 1/1] package/wolfssl: security bump to version 4.7.0 Fabrice Fontaine
2021-03-06 19:25 ` Peter Korsgaard
@ 2021-03-16 22:20 ` Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Peter Korsgaard @ 2021-03-16 22:20 UTC (permalink / raw)
To: buildroot
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes:
> Fix CVE-2021-3336: DoTls13CertificateVerify in tls13.c in wolfSSL before
> 4.7.0 does not cease processing for certain anomalous peer behavior
> (sending an ED22519, ED448, ECC, or RSA signature without the
> corresponding certificate). The client side is affected because
> man-in-the-middle attackers can impersonate TLS 1.3 servers.
> https://github.com/wolfSSL/wolfssl/releases/tag/v4.7.0-stable
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Committed to 2020.02.x and 2020.11.x, thanks.
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-03-16 22:20 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-03-06 16:14 [Buildroot] [PATCH 1/1] package/wolfssl: security bump to version 4.7.0 Fabrice Fontaine
2021-03-06 19:25 ` Peter Korsgaard
2021-03-16 22:20 ` Peter Korsgaard
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.