[Buildroot] [PATCH 1/1] package/wolfssl: security bump to version 4.8.1
Peter Korsgaard
peter at korsgaard.com
Sat Aug 7 18:10:50 UTC 2021
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:
> - [High] OCSP verification issue when response is for a certificate with
> no relation to the chain in question BUT that response contains the
> NoCheck extension which effectively disables ALL verification of that
> one cert.
> - [Low] OCSP request/response verification issue. In the case that the
> serial number in the OCSP request differs from the serial number in
> the OCSP response the error from the comparison was not resulting in a
> failed verification.
> - [Low] CVE-2021-24116: Side-Channel cache look up vulnerability in
> base64 PEM decoding for versions of wolfSSL 4.5.0 and earlier.
> Versions 4.6.0 and up contain a fix and do not need to be updated for
> this report.
> https://github.com/wolfSSL/wolfssl/blob/v4.8.1-stable/ChangeLog.md
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Committed to 2021.02.x and 2021.05.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list