[Buildroot] [PATCH 1/2] package/hostapd: add upstream patch to fix CVE-2021-30004

Peter Korsgaard peter at korsgaard.com
Sat May 1 11:15:57 UTC 2021


>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:

 > Fixes the following security issue for the internal TLS backend:
 > - CVE-2021-30004: In wpa_supplicant and hostapd 2.9, forging attacks may
 >   occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c
 >   and tls/x509v3.c.

 > Signed-off-by: Peter Korsgaard <peter at korsgaard.com>

Committed to 2021.02.x, thanks.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list