wolfssl: Backport fix for CVE-2021-3336
authorHauke Mehrtens <hauke@hauke-m.de>
Mon, 8 Feb 2021 23:53:09 +0000 (00:53 +0100)
committerHauke Mehrtens <hauke@hauke-m.de>
Tue, 9 Feb 2021 22:12:49 +0000 (23:12 +0100)
commit1f559cafe5cc1193a5962d40a2d938c66c783171
treea543aaa864e53d2421fe201d0e8193650b29a56a
parentff076f873f3bb01e4613f925315ae73c76a2d914
wolfssl: Backport fix for CVE-2021-3336

This should fix CVE-2021-3336:
DoTls13CertificateVerify in tls13.c in wolfSSL through 4.6.0 does not
cease processing for certain anomalous peer behavior (sending an
ED22519, ED448, ECC, or RSA signature without the corresponding
certificate).

The patch is backported from the upstream wolfssl development branch.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
package/libs/wolfssl/Makefile
package/libs/wolfssl/patches/010-CVE-2021-3336.patch [new file with mode: 0644]