ExternalVendorCode/openwrt
1
0
Fork 0
mirror of https://github.com/openwrt/openwrt.git synced 2025-01-16 09:50:26 +00:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity
58,432 Commits 9 Branches 77 Tags 894 MiB
dee4309bdf
Commit Graph

5 Commits

Author SHA1 Message Date
Hauke Mehrtens
dee4309bdf mbedtls: Update to 2.28.8 
This contains a fix for:
CVE-2024-28960: An issue was discovered in Mbed TLS 2.18.0 through 2.28.x
before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto
API mishandles shared memory.

(cherry picked from commit 360ac07eb9)
Link: https://github.com/openwrt/openwrt/pull/15898
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
 2024-07-08 21:13:26 +02:00
Hauke Mehrtens
72f7f18d2b mbedtls: Update to version 2.28.5 
This fixes some minor security problems.
Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-2.28.5

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 9e1c5ad4b0)
 2023-10-15 19:51:39 +02:00
Hauke Mehrtens
58d838d81d mbedtls: Update to version 2.28.4 
This only fixes minor problems.
Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.4

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit d773fe5411)
 2023-08-11 12:53:34 +02:00
Hauke Mehrtens
d679b15d31 mbedtls: Update to version 2.28.3 
This only fixes minor problems.
Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.3

The 100-fix-compile.patch patch was merged upstream, see:
https://github.com/Mbed-TLS/mbedtls/issues/6243
https://github.com/Mbed-TLS/mbedtls/pull/7013

The code style of all files in mbedtls 2.28.3 was changed. I took a new
version of the 100-x509-crt-verify-SAN-iPAddress.patch patch from this
pull request: https://github.com/Mbed-TLS/mbedtls/pull/6475

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
 2023-04-10 13:36:26 +02:00
Glenn Strauss
2a691fc7f2 mbedtls: x509 crt verify SAN iPAddress 
backport from
X509 crt verify SAN iPAddress
https://github.com/Mbed-TLS/mbedtls/pull/6475

addresses
curl built with mbedtls fails on https://1.1.1.1/ (IP address in SubjectAltName)
https://github.com/Mbed-TLS/mbedtls/issues/6473

filed for
mbedTLS: BADCERT_CN_MISMATCH on https://1.1.1.1 with curl+mbedtls
https://github.com/openwrt/packages/issues/19677

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
 2023-02-03 11:27:58 +01:00