diff options
author | Hauke Mehrtens <hauke@hauke-m.de> | 2018-03-04 20:38:00 +0100 |
---|---|---|
committer | Hauke Mehrtens <hauke@hauke-m.de> | 2018-03-10 18:37:04 +0100 |
commit | f609913b5c60f7c65c462730993cd1c752083fd6 (patch) | |
tree | ce2c463970296da66aba8cca0370abe810c78af8 /package/network/utils | |
parent | 58a95f0f8ff768b43d68eed2b6a786e0f40f723b (diff) | |
download | upstream-f609913b5c60f7c65c462730993cd1c752083fd6.tar.gz upstream-f609913b5c60f7c65c462730993cd1c752083fd6.tar.bz2 upstream-f609913b5c60f7c65c462730993cd1c752083fd6.zip |
mbedtls: update to version 2.7.0
This fixes the following security problems:
* CVE-2018-0488: Risk of remote code execution when truncated HMAC is enabled
* CVE-2018-0487: Risk of remote code execution when verifying RSASSA-PSS signatures
This release is also ABI incompatible with the previous one, but it is
API compatible.
Some functions used by a lot of other software was renamed and the old
function names are provided as a static inline now, but they are only
active when deprecated functions are allowed, deactivate the removal of
deprecated functions for now.
Also increase the PKG_RELEASE version to force a rebuild and update of
packages depending on mbedtls to handle the changed ABI.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Diffstat (limited to 'package/network/utils')
-rw-r--r-- | package/network/utils/curl/Makefile | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/package/network/utils/curl/Makefile b/package/network/utils/curl/Makefile index 56bf503c64..07056a2cd0 100644 --- a/package/network/utils/curl/Makefile +++ b/package/network/utils/curl/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=curl PKG_VERSION:=7.52.1 -PKG_RELEASE:=7 +PKG_RELEASE:=8 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=http://curl.haxx.se/download/ \ |