[OpenWrt-Devel] [PATCH] mbedtls: update to 2.14.1 for 18.06

Hauke Mehrtens hauke at hauke-m.de
Sun Dec 23 13:51:29 EST 2018


On 12/22/18 11:16 AM, Stijn Segers wrote:
> Updates mbedtls to 2.14.1. This builds on the previous master commit 7849f74117ce83e4cfcd1448a22cc05dbf9b3486.
> 
> Fixes in 2.13.0:
> * Fixed a security issue in the X.509 module which could lead to a buffer overread during certificate extensions parsing.
> * Several bugfixes.
> * Improvements for better support for DTLS on low-bandwidth, high latency networks with high packet loss.
> 
> Fixes in 2.14.1:
> * CVE-2018-19608: Local timing attack on RSA decryption
> 
> Includes master commit 9e7c4702a1f4e49113d10bc736f50e8a06bdb8ba 'mbedtls: fix compilation on ARM < 6'.
> 
> Signed-off-by: Daniel Engberg <daniel.engberg.lists at pyret.net>
> 
> [Update to 2.14.1]
> Signed-off-by: Hauke Mehrtens <hauke at hauke-m.de>
> 
> [Adapted and squashed for 18.06.1+]
> Signed-off-by: Stijn Segers <foss at volatilesystems.org>

Acked-by: Hauke Mehrtens <hauke at hauke-m.de>

> ---
>   package/libs/mbedtls/Makefile                 |  4 +-
>   package/libs/mbedtls/patches/200-config.patch | 48 +++++++++----------
>   ...optimized-MULADDC-code-only-on-ARM-6.patch | 27 +++++++++++
>   .../patches/300-soversion-compatibility.patch |  6 +--
>   4 files changed, 56 insertions(+), 29 deletions(-)
>   create mode 100644 package/libs/mbedtls/patches/300-bn_mul.h-Use-optimized-MULADDC-code-only-on-ARM-6.patch
> 

_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel



More information about the openwrt-devel mailing list