This project is archived. Its data is read-only.

Commit 5d8994c4 authored Jan 06, 2016 by Gustavo Zacarias Committed by Peter Korsgaard Jan 08, 2016

mbedtls: security bump to version 2.2.1



Fixes:
CVE-2015-7575 - Security Losses from Obsolete and Truncated Transcript
Hashes (SLOTH) vulnerability.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

parent 7f614886

package/mbedtls/mbedtls.hash

+2 −2

Original line number	Diff line number	Diff line
		# From https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.0-2.1.3-1.3.15-and-polarssl.1.2.18-released
		sha256 3c6d3487ab056da94450cf907afc84f026aff7880182baffe137c98e3d00fb55 mbedtls-2.2.0-apache.tgz
		# From https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.1-2.1.4-1.3.16-and-polarssl.1.2.19-released
		sha256 6ddd5ca2e7dfb43d2fd750400856246fc1c98344dabf01b1594eb2f9880ef7ce mbedtls-2.2.1-apache.tgz

package/mbedtls/mbedtls.mk

+1 −1

Original line number	Diff line number	Diff line
		@@ -5,7 +5,7 @@
		################################################################################

		MBEDTLS_SITE = https://tls.mbed.org/code/releases
		MBEDTLS_VERSION = 2.2.0
		MBEDTLS_VERSION = 2.2.1
		MBEDTLS_SOURCE = mbedtls-$(MBEDTLS_VERSION)-apache.tgz
		MBEDTLS_CONF_OPTS = \
		-DENABLE_PROGRAMS=$(if $(BR2_PACKAGE_MBEDTLS_PROGRAMS),ON,OFF) \