package/wolfssl: security bump to version 4.6.0
- Fix CVE-2020-36177: RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-of-bounds write for certain relationships between key size and digest size. - Drop patch (already in version) https://github.com/wolfSSL/wolfssl/releases/tag/v4.6.0-stable Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit is contained in:
parent
86b07d220c
commit
6a2d5ab0ae
@ -1,32 +0,0 @@
|
||||
From b90acc91d0cd276befe7f08f87ba2dc5ee7122ff Mon Sep 17 00:00:00 2001
|
||||
From: Tesfa Mael <tesfa@wolfssl.com>
|
||||
Date: Wed, 26 Aug 2020 10:13:06 -0700
|
||||
Subject: [PATCH] Make ByteReverseWords available for big and little endian
|
||||
|
||||
[Retrieved from:
|
||||
https://github.com/wolfSSL/wolfssl/pull/3255/commits/b90acc91d0cd276befe7f08f87ba2dc5ee7122ff]
|
||||
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
||||
---
|
||||
wolfcrypt/src/misc.c | 2 --
|
||||
1 file changed, 2 deletions(-)
|
||||
|
||||
diff --git a/wolfcrypt/src/misc.c b/wolfcrypt/src/misc.c
|
||||
index fe66ee0a1a..23bfa1adc5 100644
|
||||
--- a/wolfcrypt/src/misc.c
|
||||
+++ b/wolfcrypt/src/misc.c
|
||||
@@ -120,7 +120,6 @@ WC_STATIC WC_INLINE word32 ByteReverseWord32(word32 value)
|
||||
return rotlFixed(value, 16U);
|
||||
#endif
|
||||
}
|
||||
-#if defined(LITTLE_ENDIAN_ORDER)
|
||||
/* This routine performs a byte swap of words array of a given count. */
|
||||
WC_STATIC WC_INLINE void ByteReverseWords(word32* out, const word32* in,
|
||||
word32 byteCount)
|
||||
@@ -131,7 +130,6 @@ WC_STATIC WC_INLINE void ByteReverseWords(word32* out, const word32* in,
|
||||
out[i] = ByteReverseWord32(in[i]);
|
||||
|
||||
}
|
||||
-#endif /* LITTLE_ENDIAN_ORDER */
|
||||
|
||||
#if defined(WORD64_AVAILABLE) && !defined(WOLFSSL_NO_WORD64_OPS)
|
||||
|
@ -1,5 +1,5 @@
|
||||
# Locally computed:
|
||||
sha256 7de62300ce14daa0051bfefc7c4d6302f96cabc768b6ae49eda77523b118250c wolfssl-4.5.0-stable.tar.gz
|
||||
sha256 053aefbb02d0b06b27c5e2df6875b4b587318755b7db9d6aa8d72206b310a848 wolfssl-4.6.0-stable.tar.gz
|
||||
|
||||
# Hash for license files:
|
||||
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING
|
||||
|
@ -4,7 +4,7 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
WOLFSSL_VERSION = 4.5.0-stable
|
||||
WOLFSSL_VERSION = 4.6.0-stable
|
||||
WOLFSSL_SITE = $(call github,wolfSSL,wolfssl,v$(WOLFSSL_VERSION))
|
||||
WOLFSSL_INSTALL_STAGING = YES
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user