From: Petr Štetiar Date: Thu, 29 Sep 2022 16:45:40 +0000 (+0200) Subject: treewide: fix security issues by bumping all packages using libwolfssl X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=f1b7e1434f66a3cb09cb9e70b40add354a22e458;p=openwrt%2Fstaging%2Fjow.git treewide: fix security issues by bumping all packages using libwolfssl As wolfSSL is having hard time maintaining ABI compatibility between releases, we need to manually force rebuild of packages depending on libwolfssl and thus force their upgrade. Otherwise due to the ABI handling we would endup with possibly two libwolfssl libraries in the system, including the patched libwolfssl-5.5.1, but still have vulnerable services running using the vulnerable libwolfssl-5.4.0. So in order to propagate update of libwolfssl to latest stable release done in commit ec8fb542ec3e4 ("wolfssl: fix TLSv1.3 RCE in uhttpd by using 5.5.1-stable (CVE-2022-39173)") which fixes several remotely exploitable vulnerabilities, we need to bump PKG_RELEASE of all packages using wolfSSL library. Signed-off-by: Petr Štetiar --- diff --git a/package/libs/ustream-ssl/Makefile b/package/libs/ustream-ssl/Makefile index a5e34a73b4..3181f66c7e 100644 --- a/package/libs/ustream-ssl/Makefile +++ b/package/libs/ustream-ssl/Makefile @@ -1,7 +1,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=ustream-ssl -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL=$(PROJECT_GIT)/project/ustream-ssl.git diff --git a/package/network/services/hostapd/Makefile b/package/network/services/hostapd/Makefile index e479496879..0eb8279453 100644 --- a/package/network/services/hostapd/Makefile +++ b/package/network/services/hostapd/Makefile @@ -5,7 +5,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=hostapd -PKG_RELEASE:=$(AUTORELEASE) +PKG_RELEASE:=$(AUTORELEASE).1 PKG_SOURCE_URL:=http://w1.fi/hostap.git PKG_SOURCE_PROTO:=git diff --git a/package/utils/px5g-wolfssl/Makefile b/package/utils/px5g-wolfssl/Makefile index 95517c5c00..ea805acd8b 100644 --- a/package/utils/px5g-wolfssl/Makefile +++ b/package/utils/px5g-wolfssl/Makefile @@ -5,7 +5,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=px5g-wolfssl -PKG_RELEASE:=$(COMMITCOUNT) +PKG_RELEASE:=$(COMMITCOUNT).1 PKG_LICENSE:=GPL-2.0-or-later PKG_USE_MIPS16:=0 diff --git a/package/utils/uencrypt/Makefile b/package/utils/uencrypt/Makefile index 9307f97b6e..023c84b600 100644 --- a/package/utils/uencrypt/Makefile +++ b/package/utils/uencrypt/Makefile @@ -4,7 +4,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=uencrypt -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_FLAGS:=nonshared PKG_LICENSE:=GPL-2.0-or-later