mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-23 07:22:33 +00:00
b37a1e428a
Security fixes for:
* CVE-2020-10932
* a potentially remotely exploitable buffer overread in a DTLS client
* bug in DTLS handling of new associations with the same parameters
Full release announement:
https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.6-and-2.7.15-released
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
(cherry picked from commit 02fcbe2f3d
)
35 lines
1.2 KiB
Diff
35 lines
1.2 KiB
Diff
--- a/library/CMakeLists.txt
|
|
+++ b/library/CMakeLists.txt
|
|
@@ -165,7 +165,7 @@ endif(USE_STATIC_MBEDTLS_LIBRARY)
|
|
|
|
if(USE_SHARED_MBEDTLS_LIBRARY)
|
|
add_library(mbedcrypto SHARED ${src_crypto})
|
|
- set_target_properties(mbedcrypto PROPERTIES VERSION 2.16.6 SOVERSION 3)
|
|
+ set_target_properties(mbedcrypto PROPERTIES VERSION 2.12.0 SOVERSION 1)
|
|
target_link_libraries(mbedcrypto ${libs})
|
|
|
|
add_library(mbedx509 SHARED ${src_x509})
|
|
@@ -173,7 +173,7 @@ if(USE_SHARED_MBEDTLS_LIBRARY)
|
|
target_link_libraries(mbedx509 ${libs} mbedcrypto)
|
|
|
|
add_library(mbedtls SHARED ${src_tls})
|
|
- set_target_properties(mbedtls PROPERTIES VERSION 2.16.6 SOVERSION 12)
|
|
+ set_target_properties(mbedtls PROPERTIES VERSION 2.12.0 SOVERSION 10)
|
|
target_link_libraries(mbedtls ${libs} mbedx509)
|
|
|
|
install(TARGETS mbedtls mbedx509 mbedcrypto
|
|
--- a/library/Makefile
|
|
+++ b/library/Makefile
|
|
@@ -35,9 +35,9 @@ LOCAL_CFLAGS += -fPIC -fpic
|
|
endif
|
|
endif
|
|
|
|
-SOEXT_TLS=so.12
|
|
+SOEXT_TLS=so.10
|
|
SOEXT_X509=so.0
|
|
-SOEXT_CRYPTO=so.3
|
|
+SOEXT_CRYPTO=so.1
|
|
|
|
# Set AR_DASH= (empty string) to use an ar implementation that does not accept
|
|
# the - prefix for command line options (e.g. llvm-ar)
|