package/wolfssl: add upstream security fix for CVE-2019-18840
author Peter Korsgaard <peter@korsgaard.com>
Thu, 28 Nov 2019 15:37:18 +0000 (16:37 +0100)
committer Peter Korsgaard <peter@korsgaard.com>
Fri, 29 Nov 2019 09:12:58 +0000 (10:12 +0100)
commit 92327cd9e2c8779e0fadf42f4d41959c03991eab
tree 07b97a6d71d54aaa74ce57b27ee61a5425449850
parent ab566a9acccc32658547c4028d1cd7447b7668b0
package/wolfssl: add upstream security fix for CVE-2019-18840

Fixes the following security vulnerability:

- CVE-2019-18840: In wolfSSL 4.1.0 through 4.2.0c, there are missing sanity
  checks of memory accesses in parsing ASN.1 certificate data while
  handshaking.  Specifically, there is a one-byte heap-based buffer overflow
  inside the DecodedCert structure in GetName in wolfcrypt/src/asn.c because
  the domain name location index is mishandled.  Because a pointer is
  overwritten, there is an invalid free.

For details, see the writeup:
https://medium.com/@social_62682/heap-overflow-in-wolfssl-cve-2019-18840-185d233c27de

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/wolfssl/0001-Check-domain-name-location-index-hasn-t-exceed-maxim.patch [new file with mode: 0644]