projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: bcf5fba) | patch
package/hostapd: add upstream patch to fix CVE-2021-30004
authorPeter Korsgaard <peter@korsgaard.com>
Mon, 26 Apr 2021 21:55:52 +0000 (23:55 +0200)
committerPeter Korsgaard <peter@korsgaard.com>
Wed, 28 Apr 2021 10:11:43 +0000 (12:11 +0200)
commitd65586f45a22ad999b6d14d6fdfbd6e6ddbf70b2
tree50e939b7d3e5ecf3a5b4c28be906a5e9f3a36953tree
parentbcf5fba0863befcf0e4da152acdbcefeed5c9e80commit | diff
package/hostapd: add upstream patch to fix CVE-2021-30004

Fixes the following security issue for the internal TLS backend:

- CVE-2021-30004: In wpa_supplicant and hostapd 2.9, forging attacks may
  occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c
  and tls/x509v3.c.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/hostapd/0002-ASN.1-Validate-DigestAlgorithmIdentifier-parameters.patch [new file with mode: 0644] blob
package/hostapd/hostapd.mk diff | blob | history