mbedtls: update to 2.16.6

Security fixes for: * CVE-2020-10932 * a potentially remotely exploitable buffer overread in a DTLS client * bug in DTLS handling of new associations with the same parameters Full release announement: https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.6-and-2.7.15-released Signed-off-by: Magnus Kroken <mkroken@gmail.com> (cherry picked from commit 02fcbe2f3d)
2024-12-25 16:31:13 +00:00 · 2020-04-16 17:47:47 +02:00 · 2020-04-16 17:47:47 +02:00 · b37a1e428a
commit b37a1e428a
parent d3af501317
2 changed files with 4 additions and 4 deletions
--- a/package/libs/mbedtls/Makefile
+++ b/package/libs/mbedtls/Makefile
@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=mbedtls
-PKG_VERSION:=2.16.5
+PKG_VERSION:=2.16.6
 PKG_RELEASE:=1
 PKG_USE_MIPS16:=0

 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-gpl.tgz
 PKG_SOURCE_URL:=https://tls.mbed.org/download/
-PKG_HASH:=6ebdea6565c714f1315b9af6a802afb4b4e89976f7d5d2b15aa8028eb52e7d09
+PKG_HASH:=80a484df42f32dbe95665cd4b18ce0dd14b6c67dfd561d36d1475802e41eb3ed

 PKG_BUILD_PARALLEL:=1
 PKG_LICENSE:=GPL-2.0+
--- a/package/libs/mbedtls/patches/300-soversion-compatibility.patch
+++ b/package/libs/mbedtls/patches/300-soversion-compatibility.patch
@ -4,7 +4,7 @@
 
 if(USE_SHARED_MBEDTLS_LIBRARY)
     add_library(mbedcrypto SHARED ${src_crypto})
-    set_target_properties(mbedcrypto PROPERTIES VERSION 2.16.5 SOVERSION 3)
+-    set_target_properties(mbedcrypto PROPERTIES VERSION 2.16.6 SOVERSION 3)
 +    set_target_properties(mbedcrypto PROPERTIES VERSION 2.12.0 SOVERSION 1)
     target_link_libraries(mbedcrypto ${libs})
 
@ -13,7 +13,7 @@
     target_link_libraries(mbedx509 ${libs} mbedcrypto)
 
     add_library(mbedtls SHARED ${src_tls})
-    set_target_properties(mbedtls PROPERTIES VERSION 2.16.5 SOVERSION 12)
+-    set_target_properties(mbedtls PROPERTIES VERSION 2.16.6 SOVERSION 12)
 +    set_target_properties(mbedtls PROPERTIES VERSION 2.12.0 SOVERSION 10)
     target_link_libraries(mbedtls ${libs} mbedx509)