[Buildroot] [PATCH] polarssl: security bump to version 1.2.17
Vicente Olivert Riera
Vincent.Riera at imgtec.com
Fri Oct 16 16:35:08 UTC 2015
Dear Gustavo Zacarias,
On 10/16/2015 04:54 PM, Gustavo Zacarias wrote:
> Fixes:
> CVE-2015-5291 - Remote attack on clients using session tickets or SNI
>
> Also includes countermeasures against Lenstra's RSA-CRT attach for
> PKCS#1 v1.5 signatures (1.2.16) and the Logjam attack (1.2.15).
>
> Signed-off-by: Gustavo Zacarias <gustavo at zacarias.com.ar>
Reviewed-by: Vicente Olivert Riera <Vincent.Riera at imgtec.com>
Tested-by: Vicente Olivert Riera <Vincent.Riera at imgtec.com>
Build test for MIPS architecture:
$ grep -E ^POLARSSL_VERSION package/polarssl/polarssl.mk
POLARSSL_VERSION = 1.2.17
$ file output/target/usr/lib/libpolarssl.so.1.2.17
output/target/usr/lib/libpolarssl.so.1.2.17: ELF 32-bit MSB shared
object, MIPS, MIPS32 rel2 version 1 (SYSV), dynamically linked, with
unknown capability 0x41000000 = 0xf676e75, with unknown capability
0x10000 = 0x70401, stripped
Regards,
Vincent.
More information about the buildroot
mailing list