mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-07-16 16:27:27 +00:00
b7180060eb
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-7395 Backport the patches from the PR[1] that is referenced by the project's changelog[2] to fix this issue. [1]: https://github.com/wolfSSL/wolfssl/pull/8833 [2]: https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
26 lines
1.2 KiB
Diff
26 lines
1.2 KiB
Diff
From f2a85e37e552d8dfafa2cbf32507b2fa545ee593 Mon Sep 17 00:00:00 2001
|
|
From: Brett <bigbrett@users.noreply.github.com>
|
|
Date: Wed, 4 Jun 2025 16:56:16 -0600
|
|
Subject: [PATCH] add missing error trace macro
|
|
|
|
CVE: CVE-2025-7395
|
|
Upstream-Status: Backport [https://github.com/wolfSSL/wolfssl/commit/0e2a3fd0b64bc6ba633aa9227e92ecacb42b5b1b]
|
|
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
|
---
|
|
src/internal.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/src/internal.c b/src/internal.c
|
|
index 79f584a0a..5557b5698 100644
|
|
--- a/src/internal.c
|
|
+++ b/src/internal.c
|
|
@@ -15991,7 +15991,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
|
|
/* If we can't validate the peer cert chain against the CAs loaded
|
|
* into wolfSSL, try to validate against the system certificates
|
|
* using Apple's native trust APIs */
|
|
- if ((ret == ASN_NO_SIGNER_E) &&
|
|
+ if ((ret == WC_NO_ERR_TRACE(ASN_NO_SIGNER_E)) &&
|
|
(ssl->ctx->doAppleNativeCertValidationFlag)) {
|
|
if (DoAppleNativeCertValidation(ssl, args->certs,
|
|
args->totalCerts)) {
|