NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
52,107 Commits 5 Branches 387 Tags 143 MiB
Makefile 63.3%
Python 16.3%
C 9.1%
Shell 5.9%
PHP 2.7%
Other 2.3%
6a3c6d5865
Go to file
Fabrice Fontaine 6a3c6d5865 package/wolfssl: security bump to version 4.5.0 
wolfSSL version 4.5.0 contains 6 vulnerability fixes: 2 fixes for TLS 1.3,
2 side channel attack mitigations, 1 fix for a potential private key leak
in a specific use case, 1 fix for DTLS including those 3 CVEs:

- Fix CVE-2020-12457: An issue was discovered in wolfSSL before 4.5.0.
  It mishandles the change_cipher_spec (CCS) message processing logic
  for TLS 1.3. If an attacker sends ChangeCipherSpec messages in a
  crafted way involving more than one in a row, the server becomes stuck
  in the ProcessReply() loop, i.e., a denial of service.
- Fix CVE-2020-15309: An issue was discovered in wolfSSL before 4.5.0,
  when single precision is not employed. Local attackers can conduct a
  cache-timing attack against public key operations. These attackers may
  already have obtained sensitive information if the affected system has
  been used for private key operations (e.g., signing with a private
  key).
- Fix CVE-2020-24585: An issue was discovered in the DTLS handshake
  implementation in wolfSSL before 4.5.0. Clear DTLS application_data
  messages in epoch 0 do not produce an out-of-order error. Instead,
  these messages are returned to the application.

Also update hash of LICENSING as well as WOLF_LICENSE due to later
verbage update with
970391319b

https://www.wolfssl.com/docs/security-vulnerabilities/

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 0ed8bf6d2b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-29 11:58:12 +02:00
arch arch/x86: adds BR2_X86_CPU_HAS_3DNOW flag 2020-07-16 18:19:11 +02:00
board board/raspberrypi: fix rpi4/rpi4-64 genimage config files 2020-07-22 09:06:20 +02:00
boot boot/uboot: Fix kconfig to use $(BR2_MAKE) 2020-08-28 16:54:20 +02:00
configs configs/raspberrypi{3, 4}_64: enabling BR2_LINUX_KERNEL_DTB_OVERLAY_SUPPORT no longer needed 2020-05-16 21:41:16 +02:00
docs docs/manual/adding-packages-cargo.txt: drop debug profile 2020-08-28 19:07:38 +02:00
fs fs/cpio: generate reproducible archives 2020-07-16 18:33:21 +02:00
linux {linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 7}.x series 2020-08-29 10:42:49 +02:00
package package/wolfssl: security bump to version 4.5.0 2020-08-29 11:58:12 +02:00
support support/scripts/pkg-stats: drop erroneous "break" in CVE.affects() 2020-08-28 19:29:42 +02:00
system package/systemd: make sure init choice and package have same dependencies 2020-04-05 20:33:36 +02:00
toolchain toolchain/toolchain-wrapper: let recent GCC handle SOURCE_DATE_EPOCH 2020-07-16 18:32:17 +02:00
utils utils/scanpypi: use raw strings in re.compile/re.sub 2020-08-28 18:34:34 +02:00
.defconfig
.flake8 .flake8: fix check for 80/132 columns 2019-04-10 12:31:33 +02:00
.gitignore
.gitlab-ci.yml gitlab-ci: convert only/except to rules 2020-08-13 11:44:11 +02:00
.gitlab-ci.yml.in gitlab-ci: convert only/except to rules 2020-08-13 11:44:11 +02:00
CHANGES Update for 2020.05.1 2020-07-25 09:32:14 +02:00
Config.in Config.in: update BR2_OPTIMIZE_FAST prompt and help text 2020-07-22 13:38:46 +02:00
Config.in.legacy package/wiringpi: remove 2020-05-25 22:48:44 +02:00
COPYING
DEVELOPERS DEVELOPERS: drop Maxime Ripard from kmsxx maintainers 2020-08-28 18:38:32 +02:00
Makefile Makefile: properly account for custom tags in BR2_VERSION_FULL 2020-08-13 20:05:03 +02:00
Makefile.legacy
README

README 

Buildroot is a simple, efficient and easy-to-use tool to generate embedded
Linux systems through cross-compilation.

The documentation can be found in docs/manual. You can generate a text
document with 'make manual-text' and read output/docs/manual/manual.text.
Online documentation can be found at http://buildroot.org/docs.html

To build and use the buildroot stuff, do the following:

1) run 'make menuconfig'
2) select the target architecture and the packages you wish to compile
3) run 'make'
4) wait while it compiles
5) find the kernel, bootloader, root filesystem, etc. in output/images

You do not need to be root to build or run buildroot.  Have fun!

Buildroot comes with a basic configuration for a number of boards. Run
'make list-defconfigs' to view the list of provided configurations.

Please feed suggestions, bug reports, insults, and bribes back to the
buildroot mailing list: buildroot@buildroot.org
You can also find us on #buildroot on Freenode IRC.

If you would like to contribute patches, please read
https://buildroot.org/manual.html#submitting-patches