3a2891621c
Vulnerabilities - [High] CVE-2024-0901 Potential denial of service and out of bounds read. Affects TLS 1.3 on the server side when accepting a connection from a malicious TLS 1.3 client. If using TLS 1.3 on the server side it is recommended to update the version of wolfSSL used. - [Med] CVE-2024-1545 Fault Injection vulnerability in RsaPrivateDecryption function that potentially allows an attacker that has access to the same system with a victims process to perform a Rowhammer fault injection. - [Med] Fault injection attack with EdDSA signature operations. This affects ed25519 sign operations where the system could be susceptible to Rowhammer attacks. No official tarball provided so switch to github and set autoreconf https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.0-stable Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Arnout Vandecappelle <arnout@mind.be> |
||
---|---|---|
.. | ||
Config.in | ||
wolfssl.hash | ||
wolfssl.mk |