cyassl: update to version 3.2.0
authorHauke Mehrtens <hauke@hauke-m.de>
Sat, 13 Sep 2014 20:56:55 +0000 (20:56 +0000)
committerHauke Mehrtens <hauke@hauke-m.de>
Sat, 13 Sep 2014 20:56:55 +0000 (20:56 +0000)
This fixes a security problem:
Security fix for RSA Padding check vulnerability

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 42526

package/libs/cyassl/Makefile
package/libs/cyassl/patches/200-SSL_accept-handle-hello-garbage.patch

index 11ca9c2d35065050495227072d8f711515532afa..03f78cff9a1a8bc0bcb57b8ce700b9b7bcdc9c44 100644 (file)
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=cyassl
-PKG_VERSION:=3.1.0
+PKG_VERSION:=3.2.0
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).zip
 PKG_SOURCE_URL:=http://www.yassl.com/
-PKG_MD5SUM:=72477eb50697e759d309c49cb1aef18a
+PKG_MD5SUM:=a80493c224ff86e45dc333c06d5edb88
 
 PKG_FIXUP:=libtool
 PKG_INSTALL:=1
index 82e08c00d3025ab7dd2dd00eaa4d351996a1ce7a..5463cb0cf9f4890ad791a0f73adbfc014ee27ede 100644 (file)
@@ -1,6 +1,6 @@
 --- a/src/internal.c
 +++ b/src/internal.c
-@@ -5600,6 +5600,10 @@ int ProcessReply(CYASSL* ssl)
+@@ -6037,6 +6037,10 @@ int ProcessReply(CYASSL* ssl)
                  b1 =
                  ssl->buffers.inputBuffer.buffer[ssl->buffers.inputBuffer.idx++];
                  ssl->curSize = (word16)(((b0 & 0x7f) << 8) | b1);