[OpenWrt-Devel] [CC 15.05] polarssl: Security update (CVE-2015-5291)

jow at openwrt.org jow at openwrt.org
Tue Nov 24 10:43:47 EST 2015 

The polarssl package has been rebuilt and was uploaded to the Chaos
Calmer 15.05 repository due to a reported security issue.


VERSION

1.3.11-1 => 1.3.14-1


CHANGELOG

[Sun, 18 Oct 2015 21:48:32 +0000 ed8b245]

Update to version 1.3.14

This fixes CVE-2015-5291 and some other smaller security issues.

[Thu, 15 Oct 2015 22:12:13 +0000 cef3ed6]

Remove trailing whitespaces

[Tue, 1 Sep 2015 18:48:15 +0000 56ac717]

Bump to 1.3.12

[Tue, 18 Aug 2015 08:37:38 +0000 c3eab1c]

Packages that depend on PolarSSL fail to build because polarssl's
InstallDev section never actually gets executed because (prior to this
patch) the package name does not match the subdir the package is in
(presumably due to upstream name change). As a workaround I have changed
the package name back to polarssl and used a new variable SRC_PKG_NAME
for the purposes of downloading the upstream tarball and creating
PKG_BUILD_DIR.

[Fri, 24 Jul 2015 22:26:44 +0000 72f741c]

Package version 2.0, make polarssl compatible


CHANGES

 package/libs/polarssl/Makefile                |   21 ++++---
 .../polarssl/patches/100-disable_sslv3.patch  |    2 +-
 .../polarssl/patches/200-reduce_config.patch  |   50 ++++++++---------
 3 files changed, 38 insertions(+), 35 deletions(-)


REFERENCES

 * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5291
 * https://tls.mbed.org/tech-updates/releases/polarssl-1.2.15-and-mbedtls-1.3.12-released
 * https://tls.mbed.org/tech-updates/releases/mbedtls-2.1.1-and-1.3.13-and-polarssl-1.2.16-released
 * https://tls.mbed.org/tech-updates/releases/mbedtls-2.1.2-and-1.3.14-and-polarssl-1.2.17-released
 * http://git.openwrt.org/?p=15.05/openwrt.git;a=commit;h=72f741c118ac89f4fb6f03211227ec86c2eb5f6d
 * http://git.openwrt.org/?p=15.05/openwrt.git;a=commit;h=c3eab1cd32f7576a9aa21f7554cb31daeaab5e3b
 * http://git.openwrt.org/?p=15.05/openwrt.git;a=commit;h=56ac71722f0d275a1f1a04b4a1bc0e00303ebfcd
 * http://git.openwrt.org/?p=15.05/openwrt.git;a=commit;h=cef3ed688e2e7a8521ad386b64849258087f4f9c
 * http://git.openwrt.org/?p=15.05/openwrt.git;a=commit;h=ed8b2452a211dc09c85e73f252d8922ee7e2efd0
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel

More information about the openwrt-devel mailing list