projects / librecmc / librecmc.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b090ef3) | patch
mbedtls: update to version 2.7.0
authorRISCi_ATOM <bob@bobcall.me>
Tue, 20 Mar 2018 19:45:16 +0000 (15:45 -0400)
committerRISCi_ATOM <bob@bobcall.me>
Tue, 20 Mar 2018 19:45:16 +0000 (15:45 -0400)
commitb2c562bd9ca46788dbd65c4a8e6aab08ab0ac41d
treef8013bc0f85d303ee837e7fc0682fc34dbc3bfd2tree | snapshot
parentb090ef38d80ce9d64168b99d160e04872ce12780commit | diff
mbedtls: update to version 2.7.0

    This fixes the following security problems:
    * CVE-2018-0488: Risk of remote code execution when truncated HMAC is enabled
    * CVE-2018-0487: Risk of remote code execution when verifying RSASSA-PSS signatures

    This release is also ABI incompatible with the previous one, but it is
    API compatible.

    Some functions used by a lot of other software was renamed and the old
    function names are provided as a static inline now, but they are only
    active when deprecated functions are allowed, deactivate the removal of
    deprecated functions for now.

    Also increase the PKG_RELEASE version to force a rebuild and update of
    packages depending on mbedtls to handle the changed ABI.

    Picked from upstream commit : f609913b5c60f7c65c462730993cd1c752083fd6
package/libs/mbedtls/Makefile diff | blob | history
package/libs/mbedtls/patches/200-config.patch diff | blob | history
package/libs/ustream-ssl/Makefile diff | blob | history
package/network/services/openvpn/Makefile diff | blob | history
package/network/utils/curl/Makefile diff | blob | history
package/network/utils/curl/patches/320-mbedtls-nonblocking-handshake.patch [new file with mode: 0644] blob
package/utils/px5g/Makefile diff | blob | history