Release 4.8.0 of wolfSSL embedded TLS has bug fixes and new features including this vulnerability:
* [Low] OCSP request/response verification issue. In the case that the serial number in the OCSP request differs from the serial number in the OCSP response the error from the comparison was not resulting in a failed verification. Signed-off-by: Eneas U de Queiroz <cotequei...@gmail.com> --- package/libs/wolfssl/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/package/libs/wolfssl/Makefile b/package/libs/wolfssl/Makefile index 0c95288a2a..38c284ec5d 100644 --- a/package/libs/wolfssl/Makefile +++ b/package/libs/wolfssl/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=wolfssl -PKG_VERSION:=4.7.0-stable -PKG_RELEASE:=2 +PKG_VERSION:=4.8.0-stable +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/wolfSSL/wolfssl/archive/v$(PKG_VERSION) -PKG_HASH:=b0e740b31d4d877d540ad50cc539a8873fc41af02bd3091c4357b403f7106e31 +PKG_HASH:=72c22efcdab0f18f9b0bb45621c213144f88b4a9e9b9cc06878b47744e058885 PKG_FIXUP:=libtool libtool-abiver PKG_INSTALL:=1 _______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
