projects / buildroot.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f08a9db)
polarssl: security bump to version 1.2.13
authorGustavo Zacarias <gustavo@zacarias.com.ar>
Wed, 18 Feb 2015 18:16:09 +0000 (15:16 -0300)
committerThomas Petazzoni <thomas.petazzoni@free-electrons.com>
Thu, 19 Feb 2015 20:28:11 +0000 (21:28 +0100)
Includes the previous CVE-2015-1182 fix (patch dropped) and other fixes
(security and non) from the 1.3 branch (no CVEs yet), see release notes:
https://polarssl.org/tech-updates/releases/polarssl-1.2.13-released

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
package/polarssl/0003-fix-CVE-2015-1182.patch [deleted file] patch | blob | history
package/polarssl/polarssl.hash patch | blob | history
package/polarssl/polarssl.mk patch | blob | history

diff --git a/package/polarssl/0003-fix-CVE-2015-1182.patch b/package/polarssl/0003-fix-CVE-2015-1182.patch
deleted file mode 100644 (file)
index 9309c9d..0000000
--- a/package/polarssl/0003-fix-CVE-2015-1182.patch
+++ /dev/null
@@ -1,19 +0,0 @@
-Fix CVE-2015-1182 - Remote attack using crafted certificates.
-Patch status: from upstream see:
-https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04
-
-Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
-
-diff --git a/library/asn1parse.c b/library/asn1parse.c
-index a3a2b56..e2117bf 100644
---- a/library/asn1parse.c
-+++ b/library/asn1parse.c
-@@ -278,6 +278,8 @@ int asn1_get_sequence_of( unsigned char **p,
-             if( cur->next == NULL )
-                 return( POLARSSL_ERR_ASN1_MALLOC_FAILED );
-
-+            memset( cur->next, 0, sizeof( asn1_sequence ) );
-+
-             cur = cur->next;
-         }
-     }
diff --git a/package/polarssl/polarssl.hash b/package/polarssl/polarssl.hash
index 976978872458cbdab2d13bc638cbfa79cc3c4213..d68185b9443b2821b9e97d597d33dac7777eb74c 100644 (file)
--- a/package/polarssl/polarssl.hash
+++ b/package/polarssl/polarssl.hash
@@ -1,2 +1,2 @@
-# From https://polarssl.org/tech-updates/releases/polarssl-1.2.12-released
-sha256 63dd60e78d25c438648607bb177b063dcf5fbf3ced9ee794fcb165d101940131        polarssl-1.2.12-gpl.tgz
+# From https://polarssl.org/tech-updates/releases/polarssl-1.2.13-released
+sha256 62f44f2a9f39b5cefb229e5dd2644ca20ead477cb1843d6ff30671624315b021        polarssl-1.2.13-gpl.tgz
diff --git a/package/polarssl/polarssl.mk b/package/polarssl/polarssl.mk
index 046c6bfd0c019d1863ddf2f2a3df4eea26096e9c..83e18514dde67cf1de713ede99347b765c618340 100644 (file)
--- a/package/polarssl/polarssl.mk
+++ b/package/polarssl/polarssl.mk
@@ -5,7 +5,7 @@
 ################################################################################
 
 POLARSSL_SITE = https://polarssl.org/code/releases
-POLARSSL_VERSION = 1.2.12
+POLARSSL_VERSION = 1.2.13
 POLARSSL_SOURCE = polarssl-$(POLARSSL_VERSION)-gpl.tgz
 POLARSSL_CONF_OPTS = \
        -DENABLE_PROGRAMS=$(if $(BR2_PACKAGE_POLARSSL_PROGRAMS),ON,OFF)