mirror of
https://github.com/openwrt/openwrt.git
synced 2025-04-24 13:05:46 +00:00
53ab5629c3
This release of Mbed TLS provides the fix for a tls compatibility issue of handling fragmented handshake messages. This release includes fixes for security issues. * Potential authentication bypass in TLS handshake (CVE-2025-27810) [1] * TLS clients may unwittingly skip server authentication (CVE-2025-27809) [2] [1]: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-03-2/ [2]: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-03-1/ Full release announcement: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.6.3 Signed-off-by: Magnus Kroken <mkroken@gmail.com> Link: https://github.com/openwrt/openwrt/pull/18353 Signed-off-by: Nick Hainke <vincent@systemli.org> (cherry picked from commit 1732d81d8082163c66e5b2b3b050318922d5bb88)