summaryrefslogtreecommitdiffstats
path: root/package/libs/mbedtls/patches/100-x509-crt-verify-SAN-iPAddress.patch
Commit message (Collapse)AuthorAgeFilesLines
* mbedtls: Update to version 3.6.0Hauke Mehrtens2024-04-281-197/+0
| | | | | | | | | | | | | | | | | | | This adds support for mbedtls 3.6.0. The 3.6 version is the next LTS version of mbedtls. This version supports TLS 1.3. This switches to download using git. The codeload tar file misses some git submodules. Add some extra options added in mbedtls 3.6.0. The size of the compressed ipkg increases: 230933 bin/packages/mips_24kc/base/libmbedtls13_2.28.7-r2_mips_24kc.ipk 300154 bin/packages/mips_24kc/base/libmbedtls14_3.6.0-r1_mips_24kc.ipk The removed patch was integrated upstream. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mbedtls: Update to 2.28.8Hauke Mehrtens2024-04-241-5/+5
| | | | | | | | | This contains a fix for: CVE-2024-28960: An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mbedtls: Update to version 2.28.5Hauke Mehrtens2023-10-141-3/+3
| | | | | | | This fixes some minor security problems. Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-2.28.5 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mbedtls: Update to version 2.28.4Hauke Mehrtens2023-08-111-3/+3
| | | | | | | This only fixes minor problems. Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.4 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mbedtls: Update to version 2.28.3Hauke Mehrtens2023-04-101-71/+87
| | | | | | | | | | | | | | | This only fixes minor problems. Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.3 The 100-fix-compile.patch patch was merged upstream, see: https://github.com/Mbed-TLS/mbedtls/issues/6243 https://github.com/Mbed-TLS/mbedtls/pull/7013 The code style of all files in mbedtls 2.28.3 was changed. I took a new version of the 100-x509-crt-verify-SAN-iPAddress.patch patch from this pull request: https://github.com/Mbed-TLS/mbedtls/pull/6475 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mbedtls: x509 crt verify SAN iPAddressGlenn Strauss2023-02-031-0/+181
backport from X509 crt verify SAN iPAddress https://github.com/Mbed-TLS/mbedtls/pull/6475 addresses curl built with mbedtls fails on https://1.1.1.1/ (IP address in SubjectAltName) https://github.com/Mbed-TLS/mbedtls/issues/6473 filed for mbedTLS: BADCERT_CN_MISMATCH on https://1.1.1.1 with curl+mbedtls https://github.com/openwrt/packages/issues/19677 Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-28 07:18:44 +0000