NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8ee092e337
kumquat-buildroot/package/wolfssl/wolfssl.hash
Fabrice Fontaine bb94d3d0fb package/wolfssl: security bump to version 5.7.0 
Vulnerabilities
 - [High] CVE-2024-0901 Potential denial of service and out of bounds
   read. Affects TLS 1.3 on the server side when accepting a connection
   from a malicious TLS 1.3 client. If using TLS 1.3 on the server side
   it is recommended to update the version of wolfSSL used.
 - [Med] CVE-2024-1545 Fault Injection vulnerability in
   RsaPrivateDecryption function that potentially allows an attacker
   that has access to the same system with a victims process to perform
   a Rowhammer fault injection.
 - [Med] Fault injection attack with EdDSA signature operations. This
   affects ed25519 sign operations where the system could be susceptible
   to Rowhammer attacks.

No official tarball provided so switch to github and set autoreconf

https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.0-stable

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
(cherry picked from commit 3a2891621c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-05-03 09:07:47 +02:00

7 lines
308 B
Plaintext
Raw Blame History

# Locally computed:
sha256 2de93e8af588ee856fe67a6d7fce23fc1b226b74d710b0e3946bc8061f6aa18f wolfssl-5.7.0.tar.gz
# Hash for license files:
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING
sha256 b23c1da1f85d699d3288d73c952b4cd02760d23dc1ddc1b221cbb8be82387189 LICENSING
Reference in New Issue View Git Blame Copy Permalink