mbedtls: Update to 2.28.8

This contains a fix for: CVE-2024-28960: An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory. (cherry picked from commit 360ac07eb9) Link: https://github.com/openwrt/openwrt/pull/15899 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-12-20 06:08:08 +00:00 · 2024-04-21 17:40:09 +02:00 · 2024-04-21 17:40:09 +02:00 · 6ea1e214e7
commit 6ea1e214e7
parent eb9eaeb60d
1 changed files with 2 additions and 2 deletions
--- a/package/libs/mbedtls/Makefile
+++ b/package/libs/mbedtls/Makefile
@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=mbedtls
-PKG_VERSION:=2.28.7
+PKG_VERSION:=2.28.8
 PKG_RELEASE:=1
 PKG_USE_MIPS16:=0

 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/ARMmbed/mbedtls/tar.gz/v$(PKG_VERSION)?
-PKG_HASH:=1df6073f0cf6a4e1953890bf5e0de2a8c7e6be50d6d6c69fa9fefcb1d14e981a
+PKG_HASH:=4fef7de0d8d542510d726d643350acb3cdb9dc76ad45611b59c9aa08372b4213

 PKG_LICENSE:=GPL-2.0-or-later
 PKG_LICENSE_FILES:=gpl-2.0.txt