openwrt

mirror of https://github.com/openwrt/openwrt.git synced 2024-12-20 14:13:16 +00:00

History

Petr Štetiar 8444302a92 treewide: fix security issues by bumping all packages using libwolfssl As wolfSSL is having hard time maintaining ABI compatibility between releases, we need to manually force rebuild of packages depending on libwolfssl and thus force their upgrade. Otherwise due to the ABI handling we would endup with possibly two libwolfssl libraries in the system, including the patched libwolfssl-5.5.1, but still have vulnerable services running using the vulnerable libwolfssl-5.4.0. So in order to propagate update of libwolfssl to latest stable release done in commit `ec8fb542ec` ("wolfssl: fix TLSv1.3 RCE in uhttpd by using 5.5.1-stable (CVE-2022-39173)") which fixes several remotely exploitable vulnerabilities, we need to bump PKG_RELEASE of all packages using wolfSSL library. Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit `f1b7e1434f`) (cherry picked from commit `562894b39d`)	2022-10-05 21:09:50 +02:00
..
Makefile	treewide: fix security issues by bumping all packages using libwolfssl	2022-10-05 21:09:50 +02:00
px5g-wolfssl.c	px5g-wolfssl: Fix certificate signature	2021-01-26 16:59:53 -10:00

Petr Štetiar 8444302a92 treewide: fix security issues by bumping all packages using libwolfssl

As wolfSSL is having hard time maintaining ABI compatibility between
releases, we need to manually force rebuild of packages depending on
libwolfssl and thus force their upgrade. Otherwise due to the ABI
handling we would endup with possibly two libwolfssl libraries in the
system, including the patched libwolfssl-5.5.1, but still have
vulnerable services running using the vulnerable libwolfssl-5.4.0.

So in order to propagate update of libwolfssl to latest stable release
done in commit ec8fb542ec ("wolfssl: fix TLSv1.3 RCE in uhttpd by
using 5.5.1-stable (CVE-2022-39173)") which fixes several remotely
exploitable vulnerabilities, we need to bump PKG_RELEASE of all
packages using wolfSSL library.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit f1b7e1434f)
(cherry picked from commit 562894b39d)

2022-10-05 21:09:50 +02:00

Makefile treewide: fix security issues by bumping all packages using libwolfssl 2022-10-05 21:09:50 +02:00

px5g-wolfssl.c px5g-wolfssl: Fix certificate signature 2021-01-26 16:59:53 -10:00