ExternalVendorCode/openwrt
1
0
Fork 0
mirror of https://github.com/openwrt/openwrt.git synced 2025-01-04 13:04:22 +00:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity
7cd482662f
openwrt/package/libs/wolfssl
History
Eneas U de Queiroz 2393b09b59 wolfssl: bump to 5.2.0 
Fixes two high-severity vulnerabilities:

- CVE-2022-25640: A TLS v1.3 server who requires mutual authentication
  can be bypassed.  If a malicious client does not send the
  certificate_verify message a client can connect without presenting a
  certificate even if the server requires one.

- CVE-2022-25638: A TLS v1.3 client attempting to authenticate a TLS
  v1.3 server can have its certificate heck bypassed. If the sig_algo in
  the certificate_verify message is different than the certificate
  message checking may be bypassed.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit e89f3e85eb)
2022-04-11 22:44:17 +02:00
..
patches wolfssl: bump to 5.2.0 2022-04-11 22:44:17 +02:00
Config.in libs/wolfssl: add SAN (Subject Alternative Name) support 2021-12-29 22:55:16 +01:00
Makefile wolfssl: bump to 5.2.0 2022-04-11 22:44:17 +02:00