package/mongoose: security bump to version 7.1
- Fix CVE-2021-26528: The mg_http_serve_file function in Cesanta
Mongoose HTTP server 7.0 is vulnerable to remote OOB write attack via
connection request after exhausting memory pool.
- Fix CVE-2021-26529: The mg_tls_init function in Cesanta Mongoose HTTPS
server 7.0 and 6.7-6.18 (compiled with mbedTLS support) is vulnerable
to remote OOB write attack via connection request after exhausting
memory pool.
- Fix CVE-2021-26530: The mg_tls_init function in Cesanta Mongoose HTTPS
server 7.0 (compiled with OpenSSL support) is vulnerable to remote OOB
write attack via connection request after exhausting memory pool.
https://github.com/cesanta/mongoose/releases/tag/7.1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>