package/wolfssl: security bump to version 4.6.0

- Fix CVE-2020-36177: RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-of-bounds write for certain relationships between key size and digest size. - Drop patch (already in version) https://github.com/wolfSSL/wolfssl/releases/tag/v4.6.0-stable Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-01-14 20:48:32 +01:00 · 2021-01-14 20:48:32 +01:00 · 6a2d5ab0ae
commit 6a2d5ab0ae
parent 86b07d220c
3 changed files with 2 additions and 34 deletions
--- a/package/wolfssl/0001-Make-ByteReverseWords-available-for-big-and-little-endian.patch
+++ b/package/wolfssl/0001-Make-ByteReverseWords-available-for-big-and-little-endian.patch
@ -1,32 +0,0 @@
-From b90acc91d0cd276befe7f08f87ba2dc5ee7122ff Mon Sep 17 00:00:00 2001
-From: Tesfa Mael <tesfa@wolfssl.com>
-Date: Wed, 26 Aug 2020 10:13:06 -0700
-Subject: [PATCH] Make ByteReverseWords available for big and little endian
-
-[Retrieved from:
-https://github.com/wolfSSL/wolfssl/pull/3255/commits/b90acc91d0cd276befe7f08f87ba2dc5ee7122ff]
-Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
- wolfcrypt/src/misc.c | 2 --
- 1 file changed, 2 deletions(-)
-
-diff --git a/wolfcrypt/src/misc.c b/wolfcrypt/src/misc.c
-index fe66ee0a1a..23bfa1adc5 100644
--- a/wolfcrypt/src/misc.c
-+++ b/wolfcrypt/src/misc.c
-@@ -120,7 +120,6 @@ WC_STATIC WC_INLINE word32 ByteReverseWord32(word32 value)
-     return rotlFixed(value, 16U);
- #endif
- }
-#if defined(LITTLE_ENDIAN_ORDER)
- /* This routine performs a byte swap of words array of a given count. */
- WC_STATIC WC_INLINE void ByteReverseWords(word32* out, const word32* in,
-                                     word32 byteCount)
-@@ -131,7 +130,6 @@ WC_STATIC WC_INLINE void ByteReverseWords(word32* out, const word32* in,
-         out[i] = ByteReverseWord32(in[i]);
- 
- }
-#endif /* LITTLE_ENDIAN_ORDER */
- 
- #if defined(WORD64_AVAILABLE) && !defined(WOLFSSL_NO_WORD64_OPS)
- 
--- a/package/wolfssl/wolfssl.hash
+++ b/package/wolfssl/wolfssl.hash
@ -1,5 +1,5 @@
 # Locally computed:
-sha256  7de62300ce14daa0051bfefc7c4d6302f96cabc768b6ae49eda77523b118250c  wolfssl-4.5.0-stable.tar.gz
+sha256  053aefbb02d0b06b27c5e2df6875b4b587318755b7db9d6aa8d72206b310a848  wolfssl-4.6.0-stable.tar.gz

 # Hash for license files:
 sha256  8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  COPYING
--- a/package/wolfssl/wolfssl.mk
+++ b/package/wolfssl/wolfssl.mk
@ -4,7 +4,7 @@
 #
 ################################################################################

-WOLFSSL_VERSION = 4.5.0-stable
+WOLFSSL_VERSION = 4.6.0-stable
 WOLFSSL_SITE = $(call github,wolfSSL,wolfssl,v$(WOLFSSL_VERSION))
 WOLFSSL_INSTALL_STAGING = YES