package/mbedtls: security bump to version 2.16.4
author Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fri, 17 Jan 2020 21:51:21 +0000 (22:51 +0100)
committer Yann E. MORIN <yann.morin.1998@free.fr>
Sat, 18 Jan 2020 12:44:22 +0000 (13:44 +0100)
Fix CVE-2019-18222: Our bignum implementation is not constant
time/constant trace, so side channel attacks can retrieve the blinded
value, factor it (as it is smaller than RSA keys and not guaranteed to
have only large prime factors), and then, by brute force, recover the
key. Reported by Alejandro Cabrera Aldaya and Billy Brumley.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
package/mbedtls/mbedtls.hash
package/mbedtls/mbedtls.mk

index db136c17d9e0dac660c88e0a3e3119a1eaa50dbf..db9d29d1d59c70637373c411dfe8caf0c3a7d628 100644 (file)
@@ -1,5 +1,5 @@
-# From https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.3-and-2.7.12-released
-sha1   dce8550f8f9465f3aea44cb7d0f9d0ba8140034a        mbedtls-2.16.3-apache.tgz
-sha256 ec1bee6d82090ed6ea2690784ea4b294ab576a65d428da9fe8750f932d2da661        mbedtls-2.16.3-apache.tgz
+# From https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.4-and-2.7.13-released
+sha1   e446cbac7d24fc3ff1b1c4ee7c021694ede86db6        mbedtls-2.16.4-apache.tgz
+sha256 3441f32bda9c8ef58acc9e18028d09eb9c17d199eb27141bec074905152fb2fb        mbedtls-2.16.4-apache.tgz
 # Locally calculated
 sha256 cfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30        apache-2.0.txt
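Review bot: the new sha1 and sha256 lines for mbedtls-2.16.4-apache.tgz are attributed only to the release page on tls.mbed.org, the same host the tarball is downloaded from according to MBEDTLS_SITE in mbedtls.mk, so the hash file pins the content for later builds but does not independently confirm the first download. Please state in the commit message that the sha256 was recomputed on the fetched tarball and matches the published value. The unchanged "Locally calculated" hash for apache-2.0.txt shows the license file is byte-identical between 2.16.3 and 2.16.4, which is worth a word in the message as well.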
index f58aad4bcaa4be80e65032f5c952e1e2f155316f..c6a7adc72ab1300da0ee25e459a0c3c2d90b5e26 100644 (file)
@@ -5,7 +5,7 @@
 ################################################################################
 
 MBEDTLS_SITE = https://tls.mbed.org/code/releases
-MBEDTLS_VERSION = 2.16.3
+MBEDTLS_VERSION = 2.16.4
 MBEDTLS_SOURCE = mbedtls-$(MBEDTLS_VERSION)-apache.tgz
 MBEDTLS_CONF_OPTS = \
        -DENABLE_PROGRAMS=$(if $(BR2_PACKAGE_MBEDTLS_PROGRAMS),ON,OFF) \
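Review bot: the MBEDTLS_VERSION change to 2.16.4 is justified in the commit message by CVE-2019-18222 alone, with no link to the upstream advisory or release notes. The release-notes URL is already present in the mbedtls.hash comment, so citing it in the message would let reviewers and anyone backporting this bump confirm that 2.16.4 contains the fix without opening the hash file. MBEDTLS_CONF_OPTS is left untouched in this hunk, which is expected for a point release, but a short note that no build option changed between 2.16.3 and 2.16.4 would make that explicit.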