This project is archived. Its data is read-only.

Commit 7e1eec49 authored Feb 08, 2016 by Gustavo Zacarias Committed by Thomas Petazzoni Feb 08, 2016

polarssl: security bump to version 1.2.19



Fix bug in certificate validation that caused valid chains to be
rejected when the first intermediate certificate has
pathLenConstraint=0.

Removed potential leak in rsa_rsassa_pkcs1_v15_sign().

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

parent ee467ccd

package/polarssl/polarssl.hash

+2 −2

Original line number	Diff line number	Diff line
		# From https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.0-2.1.3-1.3.15-and-polarssl.1.2.18-released
		sha256 63c4ed4d9f6a241088e2287958f265403f874248d6a98b98f27cd3aa2f90f030 polarssl-1.2.18-gpl.tgz
		# From https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.1-2.1.4-1.3.16-and-polarssl.1.2.19-released
		sha256 24cb1608a160101ead3c7240f35fc447fe7880cd60f7ed6c9db7a1d773ccd4b8 polarssl-1.2.19-gpl.tgz

package/polarssl/polarssl.mk

+1 −1

Original line number	Diff line number	Diff line
		@@ -5,7 +5,7 @@
		################################################################################

		POLARSSL_SITE = https://tls.mbed.org/code/releases
		POLARSSL_VERSION = 1.2.18
		POLARSSL_VERSION = 1.2.19
		POLARSSL_SOURCE = polarssl-$(POLARSSL_VERSION)-gpl.tgz
		POLARSSL_CONF_OPTS = \
		-DENABLE_PROGRAMS=$(if $(BR2_PACKAGE_POLARSSL_PROGRAMS),ON,OFF)