mbedtls: update to version 2.28.2

Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2 This release of Mbed TLS provides bug fixes and minor enhancements. This release includes fixes for security issues. Fixes the following CVEs: * CVE-2022-46393: Fix potential heap buffer overread and overwrite in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX. * CVE-2022-46392: An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) could recover an RSA private key after observing the victim performing a single private-key operation if the window size used for the exponentiation was 3 or smaller. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit af3c9b74e1)
2022-12-29 21:26:28 +01:00
parent b23cab2fcf
commit 158a33591d
2 changed files with 6 additions and 6 deletions
--- a/package/libs/mbedtls/patches/100-fix-compile.patch
+++ b/package/libs/mbedtls/patches/100-fix-compile.patch
@@ -4,7 +4,7 @@ Bug report: https://github.com/Mbed-TLS/mbedtls/issues/6243

 --- a/programs/ssl/ssl_server2.c
 +++ b/programs/ssl/ssl_server2.c
-@@ -2511,7 +2511,6 @@ int main( int argc, char *argv[] )
+@@ -2529,7 +2529,6 @@ int main( int argc, char *argv[] )
         }
         key_cert_init2 = 2;
 #endif /* MBEDTLS_ECDSA_C */
@@ -12,11 +12,11 @@ Bug report: https://github.com/Mbed-TLS/mbedtls/issues/6243
 
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
     if( opt.key_opaque != 0 )
-@@ -2540,6 +2539,7 @@ int main( int argc, char *argv[] )
+@@ -2558,6 +2557,7 @@ int main( int argc, char *argv[] )
     }
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 #endif /* MBEDTLS_CERTS_C */
 +    }
 
     mbedtls_printf( " ok (key types: %s - %s)\n", mbedtls_pk_get_name( &pkey ), mbedtls_pk_get_name( &pkey2 ) );
- #endif /* MBEDTLS_X509_CRT_PARSE_C */
+ #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */