[Buildroot] [PATCH 1/1] package/wolfssl: security bump to version 4.6.0
Thomas Petazzoni
thomas.petazzoni at bootlin.com
Thu Jan 14 21:33:03 UTC 2021
On Thu, 14 Jan 2021 20:48:32 +0100
Fabrice Fontaine <fontaine.fabrice at gmail.com> wrote:
> - Fix CVE-2020-36177: RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL
> before 4.6.0 has an out-of-bounds write for certain relationships
> between key size and digest size.
> - Drop patch (already in version)
>
> https://github.com/wolfSSL/wolfssl/releases/tag/v4.6.0-stable
>
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
> ---
> ...-available-for-big-and-little-endian.patch | 32 -------------------
> package/wolfssl/wolfssl.hash | 2 +-
> package/wolfssl/wolfssl.mk | 2 +-
> 3 files changed, 2 insertions(+), 34 deletions(-)
> delete mode 100644 package/wolfssl/0001-Make-ByteReverseWords-available-for-big-and-little-endian.patch
Applied to master, thanks.
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
More information about the buildroot
mailing list