projects / openwrt / staging / pepe2k.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cf5e520) | patch
wolfssl: Backport fix for CVE-2021-3336
authorHauke Mehrtens <hauke@hauke-m.de>
Mon, 8 Feb 2021 23:53:09 +0000 (00:53 +0100)
committerHauke Mehrtens <hauke@hauke-m.de>
Tue, 9 Feb 2021 23:23:45 +0000 (00:23 +0100)
commitd5a8e8587893e63d97d59b51287972959cb73154
tree0450e033fdea8c036e2b0ccb6605701aeaba36batree | snapshot
parentcf5e5204d976be00618f809b90c9c2156657903acommit | diff
wolfssl: Backport fix for CVE-2021-3336

This should fix CVE-2021-3336:
DoTls13CertificateVerify in tls13.c in wolfSSL through 4.6.0 does not
cease processing for certain anomalous peer behavior (sending an
ED22519, ED448, ECC, or RSA signature without the corresponding
certificate).

The patch is backported from the upstream wolfssl development branch.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 1f559cafe5cc1193a5962d40a2d938c66c783171)
package/libs/wolfssl/Makefile diff | blob | history
package/libs/wolfssl/patches/010-CVE-2021-3336.patch [new file with mode: 0644] blob
Staging tree of Piotr Dymacz