domenico/openwrt_NSS_ACW
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

wolfssl: bump to 4.1.0-stable

Browse Source 
Always build AES-GCM support.
Unnecessary patches were removed.

This includes two vulnerability fixes:

CVE-2019-11873: a potential buffer overflow case with the TLSv1.3 PSK
extension parsing.

CVE-2019-13628 (currently assigned-only): potential leak of nonce sizes
when performing ECDSA signing operations. The leak is considered to be
difficult to exploit but it could potentially be used maliciously to
perform a lattice based timing attack.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
This commit is contained in:
Eneas U de Queiroz
2019-08-05 11:47:58 -03:00
committed by Hauke Mehrtens
parent 1673041013
commit 77e0e99d31
5 changed files with 16 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
package/libs/wolfssl/patches/100-disable-hardening-check.patch
View File

@@ -1,6 +1,6 @@
--- a/wolfssl/wolfcrypt/settings.h
+++ b/wolfssl/wolfcrypt/settings.h
@@ -1880,7 +1880,7 @@ extern void uITRON4_free(void *p) ;
@@ -1930,7 +1930,7 @@ extern void uITRON4_free(void *p) ;
#endif
/* warning for not using harden build options (default with ./configure) */