The wolfssl package has been rebuilt and was uploaded to the Chaos Calmer 15.05 repository due to multiple security issues.
VERSION 3.3.0-2 => 3.8.0-2 CHANGELOG [Wed, 2 Mar 2016 10:01:48 +0000 cb7a26c] Cyassl: disable Intel ASM for now With ASM support enabled, CyaSSL fails to build on all x86 subtargets. [Tue, 1 Mar 2016 22:50:29 +0000 eaa864e] Backport of: r46167: cyassl: version bump to 3.4.6 r46168: cyassl: update to wolfssl 3.6.0 r46551: cyassl: the upstream package in version 4.6.0 changed r47791: cyassl: update to wolfSSL version 3.7.0 This version and version 3.6.8 are fixing the following security problems: * CVE-2015-7744 * CVE-2015-6925 r48616: cyassl: update to wolfssl version 3.8.0 CHANGES package/libs/cyassl/Makefile | 27 ++++++++++++----- .../cyassl/patches/100-respect_cflags.patch | 11 ------- .../200-SSL_accept-handle-hello-garbage.patch | 13 -------- .../300-SSL_set_tlsext_host_name.patch | 23 +++++++++----- .../400-additional_compatibility.patch | 12 ++++++++ 5 files changed, 47 insertions(+), 39 deletions(-) REFERENCES * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6925 * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7744 * http://git.openwrt.org/?p=15.05/openwrt.git;a=commit;h=eaa864e6c0d081b9745a38f806a0f6822f47454d * http://git.openwrt.org/?p=15.05/openwrt.git;a=commit;h=cb7a26ca69e85585227134fc0f4ff756baac43e3 _______________________________________________ openwrt-users mailing list [email protected] https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-users
