Commit Graph

14 Commits

Author SHA1 Message Date
Fabrice Fontaine
6bab018ee8 package/mbedtls: security bump to version 2.16.3
- Remove second patch (already in version)
- Fix a missing error detection in ECJPAKE. This could have caused a
  predictable shared secret if a hardware accelerator failed and the
  other side of the key exchange had a similar bug.
- When writing a private EC key, use a constant size for the private
  value, as specified in RFC 5915. Previously, the value was written as
  an ASN.1 INTEGER, which caused the size of the key to leak about 1 bit
  of information on average and could cause the value to be 1 byte too
  large for the output buffer.
- The deterministic ECDSA calculation reused the scheme's HMAC-DRBG to
  implement blinding. Because of this for the same key and message the
  same blinding value was generated. This reduced the effectiveness of
  the countermeasure and leaked information about the private key
  through side channels. Reported by Jack Lloyd.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-09-19 22:42:20 +02:00
Joris Offouga
5358a54852 package/mbedtls: bump version to 2.16.2
See changelog: https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.2-and-2.7.11-released

Fixes:
 - http://autobuild.buildroot.net/results/7c0/7c09c80a376cf0c4c23a3cf48314806de9251544/

Also add a patch to fix the build issue by requiring at least
ARMv6 in addition to the DSP feature.

Signed-off-by: Joris Offouga <offougajoris@gmail.com>
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-07-04 00:57:50 +02:00
Fabrice Fontaine
848221b47c mbedtls: security bump to version 2.7.9
CVE-2018-19608 is fixed by bumping mbdedtls to a version greater or
equal to 2.7.8, see
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-03

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-01-29 23:09:53 +01:00
Peter Korsgaard
7a7a159135 mbedtls: security bump to version 2.7.5
Fixes the following security issues:

- CVE-2018-0497: Remote plaintext recovery on use of CBC based ciphersuites
  through a timing side-channel

- CVE-2018-0498: Plaintext recovery on use of CBC based ciphersuites through
  a cache based side-channel

For more info, see the advisory:
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-02

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-08-24 23:12:23 +02:00
Fabrice Fontaine
023cc02d0a mbedtls: bump to version 2.7.4
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-07-25 22:59:39 +02:00
Fabrice Fontaine
a335d32a5f mbedtls: security bump to version 2.7.3
Extract from release announcement:

- (2.9, 2.7, 2.1) Fixed an issue in the X.509 module which could lead
to a buffer overread during certificate validation. Additionally, the
issue could also lead to unnecessary callback checks being made or to
some validation checks to be omitted. The overread could be triggered
remotely, while the other issues would require a non DER-compliant
certificate to be correctly signed by a trusted CA, or a trusted CA with
a non DER-compliant certificate. Found by luocm. Fixes .

- (2.9, 2.7, 2.1) Fixed the buffer length assertion in the
ssl_parse_certificate_request() function which could lead to an
arbitrary overread of the message buffer. The overreads could be caused
by receiving a malformed algorithms section which was too short. In
builds with debug output, this overread data was output with the debug
data.

- (2.9, 2.7, 2.1) Fixed a client-side bug in the validation of the
server's ciphersuite choice which could potentially lead to the client
accepting a ciphersuite it didn't offer or a ciphersuite that could not
be used with the TLS or DTLS version chosen by the server. This could
lead to corruption of internal data structures for some configurations.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-05-20 11:43:15 +02:00
Baruch Siach
babc94e9dd mbedtls: security bump to version 2.7.2
The release announcement mentions these security fixes:

  Defend against Bellcore glitch attacks by verifying the results of RSA
  private key operations.

  Fix implementation of the truncated HMAC extension. The previous
  implementation allowed an offline 2^80 brute force attack on the HMAC
  key of a single, uninterrupted connection (with no resumption of the
  session).

  Reject CRLs containing unsupported critical extensions.

  Fix a buffer overread in ssl_parse_server_key_exchange() that could
  cause a crash on invalid input. (CVE-2018-9988)

  Fix a buffer overread in ssl_parse_server_psk_hint() that could cause
  a crash on invalid input. (CVE-2018-9989)

Drop upstream patch.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-04-25 15:29:57 +02:00
Baruch Siach
3b7a59304a mbedtls: security bump to version 2.7.0
CVE-2018-0487: Remote attackers can execute arbitrary code or cause a
denial of service (buffer overflow) via a crafted certificate chain that
is mishandled during RSASSA-PSS signature verification within a TLS or
DTLS session.

CVE-2018-0488: When the truncated HMAC extension and CBC are used,
allows remote attackers to execute arbitrary code or cause a denial of
service (heap corruption) via a crafted application packet within a TLS
or DTLS session.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-02-23 09:08:25 +01:00
Baruch Siach
aa70897e29 mbedtls: security bump to version 2.6.0
Fixes CVE-2017-14032: authentication bypass.

https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2017-02

Add license hash.

Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-07 11:18:26 +02:00
Gustavo Zacarias
465ce2ea73 mbedtls: security bump to verison 2.4.2
Fixes:
CVE-2017-2784 - Freeing of memory allocated on stack when validating a
public key with a secp224k1 curve.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-03-15 21:41:58 +01:00
Rahul Jain
34d34e1305 mbedtls: bump to version 2.4.0
This change also fixes
http://autobuild.buildroot.net/results/27b/27b35d03b576392955e21498ac1e62590ef5f5db/build-end.log

Signed-off-by: Rahul Jain <Rahul.Jain@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-12-06 20:20:19 +01:00
Fabrice Fontaine
5239108c33 mbedtls: bump to version 2.3.0
Signed-off-by: Fabrice Fontaine <fabrice.fontaine@orange.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-10-14 09:30:20 +02:00
Gustavo Zacarias
5d8994c47f mbedtls: security bump to version 2.2.1
Fixes:
CVE-2015-7575 - Security Losses from Obsolete and Truncated Transcript
Hashes (SLOTH) vulnerability.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-01-08 20:29:22 +01:00
Gustavo Zacarias
6b2df7ec57 mbedtls: new package
Add the mbed TLS library, formerly known as PolarSSL.
The 2.0+ version can live side-by-side with polarssl since it was
renamed, hence can be added with no conflict.

Use the Apache-2.0 license variant since it's somewhat more flexible,
the codebase is the same as the GPLv2 variant, just copyright
headers/license file changed.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-12-29 17:03:34 +01:00