From: Gustavo Zacarias <gustavo@zacarias.com.ar>
Date: Wed, 6 Jan 2016 17:14:39 +0000 (-0300)
Subject: mbedtls: security bump to version 2.2.1
X-Git-Url: https://git.libre-soc.org/?a=commitdiff_plain;h=5d8994c47ffe9fa0a9b1973110d0bbdfa2cf63f1;p=buildroot.git

mbedtls: security bump to version 2.2.1

Fixes:
CVE-2015-7575 - Security Losses from Obsolete and Truncated Transcript
Hashes (SLOTH) vulnerability.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---

diff --git a/package/mbedtls/mbedtls.hash b/package/mbedtls/mbedtls.hash
index 161dc2be6e..eebbfe8561 100644
--- a/package/mbedtls/mbedtls.hash
+++ b/package/mbedtls/mbedtls.hash
@@ -1,2 +1,2 @@
-# From https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.0-2.1.3-1.3.15-and-polarssl.1.2.18-released
-sha256	3c6d3487ab056da94450cf907afc84f026aff7880182baffe137c98e3d00fb55	mbedtls-2.2.0-apache.tgz
+# From https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.1-2.1.4-1.3.16-and-polarssl.1.2.19-released
+sha256	6ddd5ca2e7dfb43d2fd750400856246fc1c98344dabf01b1594eb2f9880ef7ce	mbedtls-2.2.1-apache.tgz
diff --git a/package/mbedtls/mbedtls.mk b/package/mbedtls/mbedtls.mk
index b98b7f5df2..fe166e21f4 100644
--- a/package/mbedtls/mbedtls.mk
+++ b/package/mbedtls/mbedtls.mk
@@ -5,7 +5,7 @@
 ################################################################################
 
 MBEDTLS_SITE = https://tls.mbed.org/code/releases
-MBEDTLS_VERSION = 2.2.0
+MBEDTLS_VERSION = 2.2.1
 MBEDTLS_SOURCE = mbedtls-$(MBEDTLS_VERSION)-apache.tgz
 MBEDTLS_CONF_OPTS = \
 	-DENABLE_PROGRAMS=$(if $(BR2_PACKAGE_MBEDTLS_PROGRAMS),ON,OFF) \