mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-24 07:46:48 +00:00
86e290e1b6
This fixes multiple security problems:
* [High] CVE-2024-0901 Potential denial of service and out of bounds
read. Affects TLS 1.3 on the server side when accepting a connection
from a malicious TLS 1.3 client. If using TLS 1.3 on the server side
it is recommended to update the version of wolfSSL used.
* [Med] CVE-2024-1545 Fault Injection vulnerability in
RsaPrivateDecryption function that potentially allows an attacker
that has access to the same system with a victims process to perform
a Rowhammer fault injection. Thanks to Junkai Liang, Zhi Zhang, Xin
Zhang, Qingni Shen for the report (Peking University, The University
of Western Australia)."
* [Med] Fault injection attack with EdDSA signature operations. This
affects ed25519 sign operations where the system could be susceptible
to Rowhammer attacks. Thanks to Junkai Liang, Zhi Zhang, Xin Zhang,
Qingni Shen for the report (Peking University, The University of
Western Australia).
Size increased a little:
wolfssl 5.6.6:
516880 bin/packages/mips_24kc/base/libwolfssl5.6.6.e624513f_5.6.6-stable-r1_mips_24kc.ipk
wolfssl: 5.7.0:
519429 bin/packages/mips_24kc/base/libwolfssl5.7.0.e624513f_5.7.0-stable-r1_mips_24kc.ipk
(cherry picked from commit
|
||
---|---|---|
.. | ||
argp-standalone | ||
elfutils | ||
gettext-full | ||
gmp | ||
jansson | ||
libaudit | ||
libbsd | ||
libcap | ||
libevent2 | ||
libiconv | ||
libiconv-full | ||
libjson-c | ||
libmnl | ||
libnetfilter-conntrack | ||
libnfnetlink | ||
libnftnl | ||
libnl | ||
libnl-tiny | ||
libpcap | ||
libselinux | ||
libsemanage | ||
libsepol | ||
libtool | ||
libubox | ||
libunwind | ||
libusb | ||
mbedtls | ||
musl-fts | ||
ncurses | ||
nettle | ||
openssl | ||
pcre | ||
popt | ||
readline | ||
sysfsutils | ||
toolchain | ||
uclient | ||
ustream-ssl | ||
wolfssl | ||
zlib |