NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9f1a357452
kumquat-buildroot/package/wolfssl/wolfssl.hash
Fabrice Fontaine 18b5d6205d package/wolfssl: security bump to version 5.5.2 
In the case that the WOLFSSL_CALLBACKS macro is set when building
wolfSSL, there is a potential heap over read of 5 bytes when handling
TLS 1.3 client connections. This heap over read is limited to wolfSSL
builds explicitly setting the macro WOLFSSL_CALLBACKS, the feature does
not get turned on by any other build options. The macro
WOLFSSL_CALLBACKS is intended for debug use only, but if having it
enabled in production, users are recommended to disable
WOLFSSL_CALLBACKS. Users enabling WOLFSSL_CALLBACKS are recommended to
update their version of wolfSSL. CVE 2022-42905

https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.2-stable

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-10-29 18:05:45 +02:00

7 lines
308 B
Plaintext
Raw Blame History

# Locally computed:
sha256 49c6195462cae034efe6c86268824ba515682508a5f5199358d56a4168a82cf0 wolfssl-5.5.2.tar.gz
# Hash for license files:
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING
sha256 b23c1da1f85d699d3288d73c952b4cd02760d23dc1ddc1b221cbb8be82387189 LICENSING
Reference in New Issue View Git Blame Copy Permalink