projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d65586f) | patch
package/wpa_supplicant: add upstream patch to fix CVE-2021-30004
authorPeter Korsgaard <peter@korsgaard.com>
Mon, 26 Apr 2021 21:55:53 +0000 (23:55 +0200)
committerPeter Korsgaard <peter@korsgaard.com>
Wed, 28 Apr 2021 10:11:51 +0000 (12:11 +0200)
commita8fbe67b9b165c3bd6cad98b8eed10dade3c4e9d
treeb281f2ce7a4ddf6b885451f9ef4da7257d2e1d53tree
parentd65586f45a22ad999b6d14d6fdfbd6e6ddbf70b2commit | diff
package/wpa_supplicant: add upstream patch to fix CVE-2021-30004

Fixes the following security issue for the internal TLS backend:

- CVE-2021-30004: In wpa_supplicant and hostapd 2.9, forging attacks may
  occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c
  and tls/x509v3.c.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/wpa_supplicant/0002-ASN.1-Validate-DigestAlgorithmIdentifier-parameters.patch [new file with mode: 0644] blob
package/wpa_supplicant/wpa_supplicant.mk diff | blob | history