treewide: fix security issues by bumping all packages using libwolfssl
authorPetr Štetiar <ynezz@true.cz>
Thu, 29 Sep 2022 16:45:40 +0000 (18:45 +0200)
committerPetr Štetiar <ynezz@true.cz>
Mon, 3 Oct 2022 15:52:06 +0000 (17:52 +0200)
commitf1b7e1434f66a3cb09cb9e70b40add354a22e458
tree982b4329af93348be164fc7fb4d6f05f2f78f651
parent149fc3a269b435483b31df03d6fd9679286cf9e7
treewide: fix security issues by bumping all packages using libwolfssl

As wolfSSL is having hard time maintaining ABI compatibility between
releases, we need to manually force rebuild of packages depending on
libwolfssl and thus force their upgrade. Otherwise due to the ABI
handling we would endup with possibly two libwolfssl libraries in the
system, including the patched libwolfssl-5.5.1, but still have
vulnerable services running using the vulnerable libwolfssl-5.4.0.

So in order to propagate update of libwolfssl to latest stable release
done in commit ec8fb542ec3e4 ("wolfssl: fix TLSv1.3 RCE in uhttpd by
using 5.5.1-stable (CVE-2022-39173)") which fixes several remotely
exploitable vulnerabilities, we need to bump PKG_RELEASE of all
packages using wolfSSL library.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
package/libs/ustream-ssl/Makefile
package/network/services/hostapd/Makefile
package/utils/px5g-wolfssl/Makefile
package/utils/uencrypt/Makefile