[Buildroot] [git commit branch/2022.08.x] package/wolfssl: security bump to version 5.5.1
Peter Korsgaard
peter at korsgaard.com
Sat Oct 15 14:26:27 UTC 2022
commit: https://git.buildroot.net/buildroot/commit/?id=4cd106188a876163d5c056ec3c6e9bae0df8e0bb
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/2022.08.x
Denial of service attack and buffer overflow against TLS 1.3
servers using session ticket resumption. When built with
--enable-session-ticket and making use of TLS 1.3 server code in
wolfSSL, there is the possibility of a malicious client to craft a
malformed second ClientHello packet that causes the server to crash.
This issue is limited to when using both --enable-session-ticket and TLS
1.3 on the server side. Users with TLS 1.3 servers, and having
--enable-session-ticket, should update to the latest version of wolfSSL.
https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.1-stable
Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998 at free.fr>
(cherry picked from commit 2e4c0e722f4d9494c2451458a42d4c4f8ef006ab)
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
package/wolfssl/wolfssl.hash | 2 +-
package/wolfssl/wolfssl.mk | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/wolfssl/wolfssl.hash b/package/wolfssl/wolfssl.hash
index f1401e4cda..3849ffb9fc 100644
--- a/package/wolfssl/wolfssl.hash
+++ b/package/wolfssl/wolfssl.hash
@@ -1,5 +1,5 @@
# Locally computed:
-sha256 c34b74b5f689fac7becb05583b044e84d3b10d39f38709f0095dd5d423ded67f wolfssl-5.5.0.tar.gz
+sha256 97339e6956c90e7c881ba5c748dd04f7c30e5dbe0c06da765418c51375a6dee3 wolfssl-5.5.1.tar.gz
# Hash for license files:
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING
diff --git a/package/wolfssl/wolfssl.mk b/package/wolfssl/wolfssl.mk
index ca360312c9..95d4f47952 100644
--- a/package/wolfssl/wolfssl.mk
+++ b/package/wolfssl/wolfssl.mk
@@ -4,7 +4,7 @@
#
################################################################################
-WOLFSSL_VERSION = 5.5.0
+WOLFSSL_VERSION = 5.5.1
WOLFSSL_SITE = $(call github,wolfSSL,wolfssl,v$(WOLFSSL_VERSION)-stable)
WOLFSSL_INSTALL_STAGING = YES
More information about the buildroot
mailing list