diff options
| author | nia <nia@pkgsrc.org> | 2020-04-18 14:21:56 +0000 |
|---|---|---|
| committer | nia <nia@pkgsrc.org> | 2020-04-18 14:21:56 +0000 |
| commit | 03d88373aa28134bf0146bfb6f49a43299af0087 (patch) | |
| tree | b320ea711036c3f6dbd1423a8868157d6c9a768a /security/mbedtls | |
| parent | 83078d2ffddd889a40b36e5471ac9df2f199ae2d (diff) | |
| download | pkgsrc-03d88373aa28134bf0146bfb6f49a43299af0087.tar.gz | |
mbedtls: Update to 2.16.6
= mbed TLS 2.16.6 branch released 2020-04-14
Security
* Fix side channel in ECC code that allowed an adversary with access to
precise enough timing and memory access information (typically an
untrusted operating system attacking a secure enclave) to fully recover
an ECDSA private key. Found and reported by Alejandro Cabrera Aldaya,
Billy Brumley and Cesar Pereida Garcia. CVE-2020-10932
* Fix a potentially remotely exploitable buffer overread in a
DTLS client when parsing the Hello Verify Request message.
Bugfix
* Fix compilation failure when both MBEDTLS_SSL_PROTO_DTLS and
MBEDTLS_SSL_HW_RECORD_ACCEL are enabled.
* Fix a function name in a debug message. Contributed by Ercan Ozturk in
#3013.
Diffstat (limited to 'security/mbedtls')
| -rw-r--r-- | security/mbedtls/Makefile | 4 | ||||
| -rw-r--r-- | security/mbedtls/distinfo | 10 |
2 files changed, 7 insertions, 7 deletions
diff --git a/security/mbedtls/Makefile b/security/mbedtls/Makefile index ebdb7cae985..8eec6272971 100644 --- a/security/mbedtls/Makefile +++ b/security/mbedtls/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.13 2020/03/22 07:47:00 nia Exp $ +# $NetBSD: Makefile,v 1.14 2020/04/18 14:21:56 nia Exp $ -DISTNAME= mbedtls-2.16.5-apache +DISTNAME= mbedtls-2.16.6-apache PKGNAME= ${DISTNAME:-apache=} CATEGORIES= security devel MASTER_SITES= https://tls.mbed.org/download/ diff --git a/security/mbedtls/distinfo b/security/mbedtls/distinfo index 7bc395a6dd4..c9ec8ca0cde 100644 --- a/security/mbedtls/distinfo +++ b/security/mbedtls/distinfo @@ -1,7 +1,7 @@ -$NetBSD: distinfo,v 1.8 2020/02/29 11:45:02 nia Exp $ +$NetBSD: distinfo,v 1.9 2020/04/18 14:21:56 nia Exp $ -SHA1 (mbedtls-2.16.5-apache.tgz) = c36962183e05467aa1dadafcaacf90216a737866 -RMD160 (mbedtls-2.16.5-apache.tgz) = 92e0ffc42f519518472048109c0caa138a7ebe81 -SHA512 (mbedtls-2.16.5-apache.tgz) = 89a6a2cc6fe8b568396caed5fe8428ff5debf833c643b0e4c3144fdc474b127d156d8f5e5ea47a8b5d6522a2689e91a57abc533390b3f54aaa2c756ef6d3baf7 -Size (mbedtls-2.16.5-apache.tgz) = 2695416 bytes +SHA1 (mbedtls-2.16.6-apache.tgz) = 3cb5b681597a5bd798d31038c129c0dc911d8a2c +RMD160 (mbedtls-2.16.6-apache.tgz) = da5ede944292874afdb24a8fe21c643b34255206 +SHA512 (mbedtls-2.16.6-apache.tgz) = a0c48b694d7bc70256d26c44bfb2ac802428560b02e50fe2e47762bc595e2c7b8fac934badb3452acb01d8a54386eafae0ff2894320d24ab7554f1c8e6cb4bcf +Size (mbedtls-2.16.6-apache.tgz) = 2699220 bytes SHA1 (patch-library_net__sockets.c) = cd8f9cf84947800eb73d004847789626511ceb35 |