mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-23 23:42:43 +00:00
This repository is a mirror of https://git.openwrt.org/openwrt/openwrt.git It is for reference only and is not active for check-ins. We will continue to accept Pull Requests here. They will be merged via staging trees then into openwrt.git.
19b8696dd7
Mbed TLS 2.16.7 is a maintenance release of the Mbed TLS 2.16 branch,
and provides bug fixes and minor enhancements. This release includes
fixes for security issues and the most severe one is described in more
detail in a security advisory:
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-07
* Fix a side channel vulnerability in modular exponentiation that could
reveal an RSA private key used in a secure enclave.
* Fix side channel in mbedtls_ecp_check_pub_priv() and
mbedtls_pk_parse_key() / mbedtls_pk_parse_keyfile() (when loading a private
key that didn't include the uncompressed public key), as well as
mbedtls_ecp_mul() / mbedtls_ecp_mul_restartable() when called with a NULL
f_rng argument. An attacker with access to precise enough timing and
memory access information (typically an untrusted operating system
attacking a secure enclave) could fully recover the ECC private key.
* Fix issue in Lucky 13 counter-measure that could make it ineffective when
hardware accelerators were used (using one of the MBEDTLS_SHAxxx_ALT
macros).
Due to Mbed TLS moving from ARMmbed to the Trusted Firmware project, some
changes to the download URLs are required. For the time being, the
ARMmbed/mbedtls Github repository is the canonical source for Mbed TLS.
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
[Use https://codeload.github.com and new tar.gz file]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
|
||
---|---|---|
.github | ||
config | ||
include | ||
package | ||
scripts | ||
target | ||
toolchain | ||
tools | ||
.gitattributes | ||
.gitignore | ||
BSDmakefile | ||
Config.in | ||
feeds.conf.default | ||
LICENSE | ||
Makefile | ||
README | ||
rules.mk |
_______ ________ __ | |.-----.-----.-----.| | | |.----.| |_ | - || _ | -__| || | | || _|| _| |_______|| __|_____|__|__||________||__| |____| |__| W I R E L E S S F R E E D O M ----------------------------------------------------- This is the buildsystem for the OpenWrt Linux distribution. To build your own firmware you need a Linux, BSD or MacOSX system (case sensitive filesystem required). Cygwin is unsupported because of the lack of a case sensitive file system. You need gcc, binutils, bzip2, flex, python, perl, make, find, grep, diff, unzip, gawk, getopt, subversion, libz-dev and libc headers installed. 1. Run "./scripts/feeds update -a" to obtain all the latest package definitions defined in feeds.conf / feeds.conf.default 2. Run "./scripts/feeds install -a" to install symlinks for all obtained packages into package/feeds/ 3. Run "make menuconfig" to select your preferred configuration for the toolchain, target system & firmware packages. 4. Run "make" to build your firmware. This will download all sources, build the cross-compile toolchain and then cross-compile the Linux kernel & all chosen applications for your target system. Sunshine! Your OpenWrt Community http://www.openwrt.org