From 279bd4993d3890c9b156eb156a69308197ff2481 Mon Sep 17 00:00:00 2001 From: Fabrice Fontaine Date: Sat, 13 Jul 2024 23:52:52 +0200 Subject: [PATCH] package/wolfssl: security bump to version 5.7.2 - Fix CVE-2024-1544, CVE-2024-5288, CVE-2024-5991 and CVE-2024-5814 - Disable option checking which is enabled by default since https://github.com/wolfSSL/wolfssl/commit/412447ac416ce76ba2a9bebbea8917258ed4c81e https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.2-stable Signed-off-by: Fabrice Fontaine Signed-off-by: Thomas Petazzoni (cherry picked from commit f13e0014a548244cd0e617ab60b47c68c872f823) Signed-off-by: Peter Korsgaard --- package/wolfssl/wolfssl.hash | 2 +- package/wolfssl/wolfssl.mk | 7 +++++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/package/wolfssl/wolfssl.hash b/package/wolfssl/wolfssl.hash index e705bba9fd..9a1e8bfd4a 100644 --- a/package/wolfssl/wolfssl.hash +++ b/package/wolfssl/wolfssl.hash @@ -1,5 +1,5 @@ # Locally computed: -sha256 2de93e8af588ee856fe67a6d7fce23fc1b226b74d710b0e3946bc8061f6aa18f wolfssl-5.7.0.tar.gz +sha256 0f2ed82e345b833242705bbc4b08a2a2037a33f7bf9c610efae6464f6b10e305 wolfssl-5.7.2.tar.gz # Hash for license files: sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING diff --git a/package/wolfssl/wolfssl.mk b/package/wolfssl/wolfssl.mk index 893408eca4..91ab7ca08a 100644 --- a/package/wolfssl/wolfssl.mk +++ b/package/wolfssl/wolfssl.mk @@ -4,7 +4,7 @@ # ################################################################################ -WOLFSSL_VERSION = 5.7.0 +WOLFSSL_VERSION = 5.7.2 WOLFSSL_SITE = $(call github,wolfSSL,wolfssl,v$(WOLFSSL_VERSION)-stable) WOLFSSL_INSTALL_STAGING = YES @@ -16,7 +16,10 @@ WOLFSSL_CONFIG_SCRIPTS = wolfssl-config WOLFSSL_AUTORECONF = YES WOLFSSL_DEPENDENCIES = host-pkgconf -WOLFSSL_CONF_OPTS = --disable-examples --disable-crypttests +WOLFSSL_CONF_OPTS = \ + --disable-examples \ + --disable-crypttests \ + --disable-option-checking ifeq ($(BR2_PACKAGE_WOLFSSL_ALL),y) WOLFSSL_CONF_OPTS += --enable-all