From 1f559cafe5cc1193a5962d40a2d938c66c783171 Mon Sep 17 00:00:00 2001
From: Hauke Mehrtens <hauke@hauke-m.de>
Date: Tue, 9 Feb 2021 00:53:09 +0100
Subject: wolfssl: Backport fix for CVE-2021-3336

This should fix CVE-2021-3336:
DoTls13CertificateVerify in tls13.c in wolfSSL through 4.6.0 does not
cease processing for certain anomalous peer behavior (sending an
ED22519, ED448, ECC, or RSA signature without the corresponding
certificate).

The patch is backported from the upstream wolfssl development branch.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
---
 package/libs/wolfssl/Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'package/libs/wolfssl/Makefile')

diff --git a/package/libs/wolfssl/Makefile b/package/libs/wolfssl/Makefile
index dcc6aca40c..ff01fca663 100644
--- a/package/libs/wolfssl/Makefile
+++ b/package/libs/wolfssl/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=wolfssl
 PKG_VERSION:=4.6.0-stable
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://github.com/wolfSSL/wolfssl/archive/v$(PKG_VERSION)
-- 
cgit v1.2.3