openwrt/package/libs/mbedtls/patches/300-soversion-compatibility.patch
Magnus Kroken b37a1e428a mbedtls: update to 2.16.6
Security fixes for:
* CVE-2020-10932
* a potentially remotely exploitable buffer overread in a DTLS client
* bug in DTLS handling of new associations with the same parameters

Full release announement:
https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.6-and-2.7.15-released

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
(cherry picked from commit 02fcbe2f3d)
2020-05-16 21:25:55 +02:00

35 lines
1.2 KiB
Diff

--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -165,7 +165,7 @@ endif(USE_STATIC_MBEDTLS_LIBRARY)
if(USE_SHARED_MBEDTLS_LIBRARY)
add_library(mbedcrypto SHARED ${src_crypto})
- set_target_properties(mbedcrypto PROPERTIES VERSION 2.16.6 SOVERSION 3)
+ set_target_properties(mbedcrypto PROPERTIES VERSION 2.12.0 SOVERSION 1)
target_link_libraries(mbedcrypto ${libs})
add_library(mbedx509 SHARED ${src_x509})
@@ -173,7 +173,7 @@ if(USE_SHARED_MBEDTLS_LIBRARY)
target_link_libraries(mbedx509 ${libs} mbedcrypto)
add_library(mbedtls SHARED ${src_tls})
- set_target_properties(mbedtls PROPERTIES VERSION 2.16.6 SOVERSION 12)
+ set_target_properties(mbedtls PROPERTIES VERSION 2.12.0 SOVERSION 10)
target_link_libraries(mbedtls ${libs} mbedx509)
install(TARGETS mbedtls mbedx509 mbedcrypto
--- a/library/Makefile
+++ b/library/Makefile
@@ -35,9 +35,9 @@ LOCAL_CFLAGS += -fPIC -fpic
endif
endif
-SOEXT_TLS=so.12
+SOEXT_TLS=so.10
SOEXT_X509=so.0
-SOEXT_CRYPTO=so.3
+SOEXT_CRYPTO=so.1
# Set AR_DASH= (empty string) to use an ar implementation that does not accept
# the - prefix for command line options (e.g. llvm-ar)