openwrtv4/package
Kevin Darbyshire-Bryant 69ac637fbb mbedtls: update to 2.6.0 CVE-2017-14032
Fixed an authentication bypass issue in SSL/TLS. When the TLS
authentication mode was set to 'optional',
mbedtls_ssl_get_verify_result() would incorrectly return 0 when the
peer's X.509 certificate chain had more than
MBEDTLS_X509_MAX_INTERMEDIATE_CA intermediates (default: 8), even when
it was not trusted. This could be triggered remotely on both the client
and server side. (Note, with the authentication mode set by
mbedtls_ssl_conf_authmode()to be 'required' (the default), the handshake
was correctly aborted).

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Tested-by: Magnus Kroken <mkroken@gmail.com>
2017-09-11 01:56:14 +02:00
..
base-files base-files: add /etc/profile.d to conffiles 2017-09-03 01:27:46 +03:00
boot uboot-envtools: Add support for IPQ806x AP148 and DB149 2017-08-30 18:12:48 +02:00
devel toolchain/arc: update to the most recent release arc-2017.03 2017-07-18 23:23:27 +02:00
firmware ath10k-firmware: update qca9887 firmware to 10.2.4-1.0-00029 2017-08-23 16:34:21 +02:00
kernel ramips: fix mt76x8 dependencies 2017-09-05 08:08:36 +02:00
libs mbedtls: update to 2.6.0 CVE-2017-14032 2017-09-11 01:56:14 +02:00
network tcpdump: bump to 4.9.2 2017-09-11 01:56:14 +02:00
system ubox: update to git HEAD version 2017-09-01 16:05:59 +02:00
utils busybox: update to 1.27.2 2017-08-30 22:34:41 +02:00
Makefile build: cleanup tmp/ dir of target rootfs 2017-05-02 22:10:50 +08:00