From d435ce4492edfbce66d278d82b145f10eda88ea5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20=C5=A0tetiar?= Date: Fri, 11 Nov 2022 11:07:47 +0800 Subject: [PATCH] libuwsc: fix security issues by bumping all packages using libwolfssl MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As wolfSSL is having hard time maintaining ABI compatibility between releases, we need to manually force rebuild of packages depending on libwolfssl and thus force their upgrade. Otherwise due to the ABI handling we would endup with possibly two libwolfssl libraries in the system, including the patched libwolfssl-5.5.1, but still have vulnerable services running using the vulnerable libwolfssl-5.4.0. So in order to propagate update of libwolfssl to latest stable release done in commit ec8fb54 ("wolfssl: fix TLSv1.3 RCE in uhttpd by using 5.5.1-stable (CVE-2022-39173)") which fixes several remotely exploitable vulnerabilities, we need to bump PKG_RELEASE of all packages using wolfSSL library. Same bump has been done in buildroot in commit f1b7e14 ("treewide: fix security issues by bumping all packages using libwolfssl"). Signed-off-by: Petr Štetiar --- libs/libuwsc/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libs/libuwsc/Makefile b/libs/libuwsc/Makefile index 41f7609f..0f861ea2 100644 --- a/libs/libuwsc/Makefile +++ b/libs/libuwsc/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=libuwsc PKG_VERSION:=3.3.5 -PKG_RELEASE:=$(AUTORELEASE) +PKG_RELEASE:=$(AUTORELEASE).1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL=https://github.com/zhaojh329/libuwsc/releases/download/v$(PKG_VERSION)