Yi Zhao
f5e791bfb1
mbedtls: upgrade 2.28.8 -> 2.28.9
...
ChangeLog
https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-2.28.9
Security fix:
CVE-2024-45157
Signed-off-by: Yi Zhao <yi.zhao@windriver.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2024-09-11 06:50:24 -07:00
Yi Zhao
8340f5f011
mbedtls: upgrade 3.6.0 -> 3.6.1
...
ChangeLog:
https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.6.1
Security fixes:
CVE-2024-45157
CVE-2024-45158
CVE-2024-45159
* According to commit[1], install data_files into framework directory
for ptest.
[1] https://github.com/Mbed-TLS/mbedtls/commit/9c4dd4ee6fe570b6a50a275d78b7d140fec0e02f
Signed-off-by: Yi Zhao <yi.zhao@windriver.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2024-09-11 06:50:24 -07:00
Timo Schuster
e35ce3956a
mbedtls: Do not set LIB_INSTALL_DIR to an absolute path to make MbedTLSTargets.cmake relocateable.
...
Signed-off-by: Timo Schuster <timo.schuster@leica-microsystems.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2024-06-14 15:46:50 -07:00
Ricardo Simoes
577a55f7a5
mbedtls: Fix warning for missing program
...
When PACKAGECONFIG does not contains 'programs', the hello binary will
not be generated, but the ALTERNATIVE 'hello' is still set, causing the
update-alternatives bbclass to generate warnings for the missing
'hello' binary.
This commit fixes that by only populating ALTERNATIVES when 'programs'
is enabled.
Signed-off-by: Ricardo Simoes <ricardo.simoes@pt.bosch.com >
Signed-off-by: Mark Jonas <mark.jonas@de.bosch.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2024-05-02 07:32:55 -07:00
Beniamin Sandu
6c9a01f670
mbedtls: upgrade 2.28.7 -> 2.28.8
...
Includes security fixes for:
CVE-2024-28960 - Insecure handling of shared memory in PSA Crypto APIs
Full release notes:
https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.8
Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2024-04-05 08:07:24 -07:00
Beniamin Sandu
36148978f6
mbedtls: upgrade 3.5.2 -> 3.6.0
...
This is an LTS release.
Includes security fixes:
* CVE-2024-28960 - Insecure handling of shared memory in PSA Crypto APIs
Full release notes:
https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.6.0
Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2024-04-05 08:07:24 -07:00
Beniamin Sandu
f51fe152e8
mbedtls: upgrade 2.28.4 -> 2.28.7
...
Includes security fixes for:
CVE-2023-43615 - Buffer overread in TLS stream cipher suites
CVE-2024-23170 - Timing side channel in private key RSA operations
CVE-2024-23775 - Buffer overflow in mbedtls_x509_set_extension()
Other changes:
https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-2.28.5
License updated to dual Apache-2.0 OR GPL-2.0-or-later.
Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2024-02-09 09:52:06 -08:00
Beniamin Sandu
b1e57692e0
mbedtls: upgrade 3.5.1 -> 3.5.2
...
* Includes security fix for CVE-2024-23170 - Timing side channel in private key RSA operations
* Includes security fix for CVE-2024-23775 - Buffer overflow in mbedtls_x509_set_extension()
Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2024-02-09 09:52:06 -08:00
Alex Kiernan
ebe950c8e9
mbedtls: Upgrade 3.5.0 -> 3.5.1
...
Use canonical URL, add UPSTREAM_CHECK_GITTAGREGEX.
Changes:
Dave Rodgman (12):
Header updates
Fix some non-standard headers
Update documentation
Add Changelog for license
Update license for p256-m
README improvements to 3rdparty section
assemble Changelog
Fix typos in changelog
Bump version
Update BRANCHES
Update Changelog with bugfix entry
Add docs re Everest license
David Horstmann (1):
Fix 3rdparty target names for custom config
License-update: Upstream clarified licensing as dual Apache-2.0 or GPL-2.0 or later
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2023-12-18 22:17:25 -08:00
Beniamin Sandu
ae4e1e70a1
mbedtls: upgrade 3.4.1 -> 3.5.0
...
* Includes security fix for CVE-2023-43615 - Buffer overread in TLS stream cipher suites
* Includes security fix for CVE-2023-45199 - Buffer overflow in TLS handshake parsing with ECDH
* Includes aesce compilation fixes
Full changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.5.0
The extra patch fixes x86 32-bit builds.
Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2023-10-30 14:29:34 -07:00
Beniamin Sandu
dcafc2c09c
mbedtls: upgrade 2.28.3 -> 2.28.4
...
Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2023-09-07 10:29:42 -07:00
Beniamin Sandu
6cf2f1045a
mbedtls: upgrade 3.4.0 -> 3.4.1
...
Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2023-09-07 10:29:42 -07:00
Peter Marko
ed334821c2
cve_check: fix conversion errors
...
Conversion from CVE_CHECK_IGNORE to CVE_STATUS had some copy+paste
issues.
Signed-off-by: Peter Marko <peter.marko@siemens.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2023-07-31 08:10:34 -07:00
Andrej Valek
8af2f17a6f
cve_check: convert CVE_CHECK_IGNORE to CVE_STATUS
...
- Try to add convert and apply statuses for old CVEs
- Drop some obsolete ignores, while they are not relevant for current
version
Signed-off-by: Andrej Valek <andrej.valek@siemens.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2023-07-27 08:54:40 -07:00
Yi Zhao
b0f7978847
mbedtls: upgrade 2.28.2 -> 2.28.3
...
Mbed TLS 2.28 is a long-time support branch. It will be supported with
bug-fixes and security fixes until end of 2024.
ChangeLog:
https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.3
Signed-off-by: Yi Zhao <yi.zhao@windriver.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2023-06-28 13:53:12 -07:00
Beniamin Sandu
bf314d2c57
mbedtls: fix builds with crypto extensions
...
Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2023-06-26 05:12:55 -07:00
Beniamin Sandu
9cb5f5c6e9
mbedtls: add support for v3.x
...
Version 3.4.0 adds a lot of improvements and fixes (a notable one
being initial support for PKCS7 CMS), but since this is a pretty
big jump, let's keep both versions for a while, so the v2.x users
can upgrade to 3.x in a timely manner if needed.
Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2023-06-19 18:41:19 -07:00
Yi Zhao
63749f10a4
mbedtls: add ptest
...
Results:
$ ptest-runner mbedtls
START: ptest-runner
2023-03-20T08:11
BEGIN: /usr/lib/mbedtls/ptest
PASS: test_suite_aes.cbc
PASS: test_suite_aes.cfb
PASS: test_suite_aes.ecb
PASS: test_suite_aes.ofb
PASS: test_suite_aes.rest
PASS: test_suite_aes.xts
PASS: test_suite_arc4
PASS: test_suite_aria
PASS: test_suite_asn1parse
PASS: test_suite_asn1write
PASS: test_suite_base64
PASS: test_suite_bignum.generated
PASS: test_suite_bignum.misc
PASS: test_suite_blowfish
PASS: test_suite_camellia
PASS: test_suite_ccm
PASS: test_suite_chacha20
PASS: test_suite_chachapoly
PASS: test_suite_cipher.aes
PASS: test_suite_cipher.arc4
PASS: test_suite_cipher.aria
PASS: test_suite_cipher.blowfish
PASS: test_suite_cipher.camellia
PASS: test_suite_cipher.ccm
PASS: test_suite_cipher.chacha20
PASS: test_suite_cipher.chachapoly
PASS: test_suite_cipher.des
PASS: test_suite_cipher.gcm
PASS: test_suite_cipher.misc
PASS: test_suite_cipher.nist_kw
PASS: test_suite_cipher.null
PASS: test_suite_cipher.padding
PASS: test_suite_cmac
PASS: test_suite_constant_time
PASS: test_suite_constant_time_hmac
PASS: test_suite_ctr_drbg
PASS: test_suite_debug
PASS: test_suite_des
PASS: test_suite_dhm
PASS: test_suite_ecdh
PASS: test_suite_ecdsa
PASS: test_suite_ecjpake
PASS: test_suite_ecp
PASS: test_suite_entropy
PASS: test_suite_error
PASS: test_suite_gcm.aes128_de
PASS: test_suite_gcm.aes128_en
PASS: test_suite_gcm.aes192_de
PASS: test_suite_gcm.aes192_en
PASS: test_suite_gcm.aes256_de
PASS: test_suite_gcm.aes256_en
PASS: test_suite_gcm.camellia
PASS: test_suite_gcm.misc
PASS: test_suite_hkdf
PASS: test_suite_hmac_drbg.misc
PASS: test_suite_hmac_drbg.nopr
PASS: test_suite_hmac_drbg.no_reseed
PASS: test_suite_hmac_drbg.pr
PASS: test_suite_md
PASS: test_suite_mdx
PASS: test_suite_memory_buffer_alloc
PASS: test_suite_mps
PASS: test_suite_net
PASS: test_suite_nist_kw
PASS: test_suite_oid
PASS: test_suite_pem
PASS: test_suite_pk
PASS: test_suite_pkcs12
PASS: test_suite_pkcs1_v15
PASS: test_suite_pkcs1_v21
PASS: test_suite_pkcs5
PASS: test_suite_pkparse
PASS: test_suite_pkwrite
PASS: test_suite_poly1305
PASS: test_suite_psa_crypto
PASS: test_suite_psa_crypto_attributes
PASS: test_suite_psa_crypto_driver_wrappers
PASS: test_suite_psa_crypto_entropy
PASS: test_suite_psa_crypto_generate_key.generated
PASS: test_suite_psa_crypto_hash
PASS: test_suite_psa_crypto_init
PASS: test_suite_psa_crypto_metadata
PASS: test_suite_psa_crypto_not_supported.generated
PASS: test_suite_psa_crypto_not_supported.misc
PASS: test_suite_psa_crypto_op_fail.generated
PASS: test_suite_psa_crypto_op_fail.misc
PASS: test_suite_psa_crypto_persistent_key
PASS: test_suite_psa_crypto_se_driver_hal
PASS: test_suite_psa_crypto_se_driver_hal_mocks
PASS: test_suite_psa_crypto_slot_management
PASS: test_suite_psa_crypto_storage_format.current
PASS: test_suite_psa_crypto_storage_format.misc
PASS: test_suite_psa_crypto_storage_format.v0
PASS: test_suite_psa_its
PASS: test_suite_random
PASS: test_suite_rsa
PASS: test_suite_shax
PASS: test_suite_ssl
PASS: test_suite_timing
PASS: test_suite_version
PASS: test_suite_x509parse
PASS: test_suite_x509write
PASS: test_suite_xtea
DURATION: 83
END: /usr/lib/mbedtls/ptest
2023-03-20T08:13
STOP: ptest-runner
TOTAL: 1 FAIL: 0
Signed-off-by: Yi Zhao <yi.zhao@windriver.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2023-03-22 09:10:39 -07:00
Denys Dmytriyenko
e012fe075d
mbedtls: set up /usr/bin/hello as alternative
...
As mbedtls installs this rather generically-named /usr/bin/hello binary,
it conflicts with the one provided by lmbench, hence set it up as an
alternative to avoid conflicts when both are installed to rootfs or SDK.
Signed-off-by: Denys Dmytriyenko <denis@denix.org >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2023-02-26 00:17:45 -08:00
Beniamin Sandu
4f50432e20
mbedtls: export source files/headers needed by ATF
...
Arm Trusted Firmware uses a list of mbedtls source files/headers to build
a static library used for crypto functionality:
https://github.com/ARM-software/arm-trusted-firmware/blob/master/drivers/auth/mbedtls/mbedtls_common.mk#L10
At the moment, any ATF version that wants to build with yocto and enable
for example secure boot, needs to download and patch a version of mbedtls
separately, e.g. :
https://git.yoctoproject.org/meta-arm/tree/meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.7.0.bb#n10
This commit enables a simple way for ATF recipes to use the existing oe
version of mbedtls by adding it as a dependency, and simply extending the
build flags with:
EXTRA_OEMAKE += 'MBEDTLS_DIR="${STAGING_DATADIR}/mbedtls-source"'
Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2023-01-27 17:06:52 -08:00
Stefan Ghinea
2ab113e8be
mbedtls: upgrade to 2.28.2 to fix CVE-2022-46392, CVE-2022-46393
...
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0.
An adversary with access to precise enough information about memory
accesses (typically, an untrusted operating system attacking a secure
enclave) can recover an RSA private key after observing the victim
performing a single private-key operation, if the window size
(MBEDTLS_MPI_WINDOW_SIZE) used for the exponentiation is 3 or smaller.
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0.
There is a potential heap-based buffer overflow and heap-based buffer
over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and
MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.
References:
https://nvd.nist.gov/vuln/detail/CVE-2022-46392
https://nvd.nist.gov/vuln/detail/CVE-2022-46393
Upstream patches:
https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2
Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2023-01-26 13:16:34 -08:00
Ross Burton
8d64fcc825
mbedtls: add option to use PSA for X.509/TLS operations
...
Add an option to use Platform Security Architecture for the X.509 and TLS
operations.
Signed-off-by: Ross Burton <ross.burton@arm.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2023-01-17 08:27:45 -08:00
Mathieu Dubois-Briand
e2188ac73b
mbedtls: Whitelist CVE-2021-43666, CVE-2021-45451
...
Signed-off-by: Mathieu Dubois-Briand <mbriand@witekio.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2022-10-04 09:29:47 -07:00
Mathieu Dubois-Briand
e726f388b2
mbedtls: Update to 2.28.1 version
...
Signed-off-by: Mathieu Dubois-Briand <mbriand@witekio.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2022-10-04 09:29:47 -07:00
Mathieu Dubois-Briand
0f6a6a3cc9
mbedtls: Fix CVE product name
...
Signed-off-by: Mathieu Dubois-Briand <mbriand@witekio.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2022-10-04 09:29:47 -07:00
Mark Jonas
1c5c88389a
mbedtls: Upgrade to 2.28.0
...
Mbed TLS 2.28 is a long-time support branch. It will be supported with
bug-fixes and security fixes until end of 2024.
https://github.com/ARMmbed/mbedtls/releases/tag/v2.28.0
Signed-off-by: Mark Jonas <toertel@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2022-02-11 09:10:38 -08:00
Martin Jansa
c61dc077bb
Convert to new override syntax
...
This is the result of automated script (0.9.1) conversion:
oe-core/scripts/contrib/convert-overrides.py .
converting the metadata to use ":" as the override character instead of "_".
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com >
2021-08-03 10:21:25 -07:00
Khem Raj
a854c2cb77
mbedtls: Add packageconfig for warning-as-errors
...
Disable the options by default, as we use different compilers there are
more warnings to handle then upstream
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2021-06-04 07:08:13 -07:00
Khem Raj
693ec65bf2
mbedtls: Upgrade to 2.26.0
...
https://github.com/ARMmbed/mbedtls/releases/tag/v2.26.0
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2021-06-03 19:12:33 -07:00
Khem Raj
4629af5f52
mbedtls: Fix gcc11 stringop-overflow warning
...
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2021-03-02 10:13:38 -08:00
Alexander Vickberg
f431022415
mbedtls: upgrade to 2.25.0
...
Deleted build fix patch. This is already applied in this release.
Signed-off-by: Alexander Vickberg <wickbergster@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2020-12-17 09:12:27 -08:00
Alexander Vickberg
6f1139a717
mbedtls: upgrade to 2.24.0
...
Download archives are no longer updated so fetch from Github. Add build
fix from upstream. The file LICENSE now contains the full Apache 2.0
license text.
Signed-off-by: Alexander Vickberg <wickbergster@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2020-12-09 10:14:57 -08:00
Mark Jonas
2fe4cb5882
mbedtls: Fix typo in PACKAGECONFIG
...
Signed-off-by: Mark Jonas <toertel@gmail.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2020-11-03 11:03:45 -08:00
Pierre-Jean Texier
4f1db78cce
mbedtls: upgrade 2.16.5 -> 2.16.6
...
Mbed TLS 2.16.6 is a maintenance release of the Mbed TLS 2.16 branch, and
provides security fixes and bug fixes, see:
- https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.6-and-2.7.15-released
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2020-04-15 11:26:22 -07:00
Pierre-Jean Texier
2b36db7f5f
mbedtls: upgrade 2.16.3 -> 2.16.5
...
Mbed TLS 2.16.5 is a maintenance release of the Mbed TLS 2.16 branch, and
provides security fixes and bug fixes, see:
https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.5-and-2.7.14-released
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2020-02-21 17:21:00 -08:00
Pierre-Jean Texier
90d73b1b91
mbedtls: add native and nativesdk to BBCLASSEXTEND
...
Fixes:
ERROR: Nothing PROVIDES 'mbedtls-native'
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2020-02-20 08:22:38 -08:00
Denys Dmytriyenko
865ecb2083
mbedtls: upgrade 2.16.2 -> 2.16.3
...
* Mbed TLS 2.16.3 is a maintenance release of the Mbed TLS 2.16 branch, and
provides bug fixes and minor enhancements.
https://github.com/ARMmbed/mbedtls/releases/tag/mbedtls-2.16.3
Most importantly, this fixes breakage on ARMv5TE platforms:
* Fix the build on ARMv5TE in ARM mode to not use assembly instructions that
are only available in Thumb mode.
https://github.com/ARMmbed/mbedtls/pull/2169
Signed-off-by: Denys Dmytriyenko <denys@ti.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2019-11-13 07:15:17 -08:00
Oleksandr Kravchuk
5fc4c10a19
mbedtls: update to 2.16.2
...
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2019-06-25 14:21:48 -07:00
Oleksandr Kravchuk
41c263bf8e
mbedtls: update to 2.16.0
...
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2019-03-15 13:57:47 -07:00
Johannes Pointner
bce1210d2e
mbedtls: upgrade to 2.13.0
...
Signed-off-by: Johannes Pointner <johannes.pointner@br-automation.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2018-10-25 13:51:52 -07:00
Johannes Pointner
77966d0f3a
mbedtls: upgrade to 2.12.0
...
Signed-off-by: Johannes Pointner <johannes.pointner@br-automation.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2018-08-24 08:58:13 -07:00
Khem Raj
f8904d0a6a
mbedtls: Upgrade to 2.11.0
...
- Use libs section, libdevel is not common
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2018-07-14 15:50:14 -07:00
Johannes Pointner
3db24e50ea
mbedtls: update to 2.9.0
...
Mbed TLS 2.9.0 maintains source code and binary compatibility with the last
minor version, Mbed TLS 2.8.0, but extends the interface with additional
capabilities.
* Detail release note:
- https://tls.mbed.org/tech-updates/releases/mbedtls-2.9.0-2.7.3-and-2.1.12-released
Signed-off-by: Johannes Pointner <johannes.pointner@br-automation.com >
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2018-06-08 00:57:29 -07:00
Johannes Pointner
663bc6f016
mbedtls: upgrade to 2.8.0
...
This also includes a switch to Apache license, because it's the primary license
for the project according to their homepage.
* Detail release note:
- https://tls.mbed.org/tech-updates/releases/mbedtls-2.8.0-2.7.2-and-2.1.11-released
Signed-off-by: Johannes Pointner <johannes.pointner@br-automation.com >
Signed-off-by: Armin Kuster <akuster808@gmail.com >
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com >
2018-04-25 15:53:46 -04:00
Wenzong Fan
1a5ae6aad2
mbedtls: upgrade to 1.3.17
...
* fix CVE: CVE-2015-8036
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com >
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com >
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com >
2016-10-20 11:16:32 -04:00
Roy Li
01ffc1f2b2
mbedtls: upgrade to 1.3.10
...
1. PolarSSL is now rebranded as mbed TLS.
2. upgrade to include CVE-2015-1182 fix:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1182
Signed-off-by: Roy Li <rongqing.li@windriver.com >
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com >
2015-06-05 22:18:30 -04:00