mirror of
https://gitlab.alpinelinux.org/alpine/aports.git
synced 2024-09-20 11:23:16 +00:00
main/mbedtls: security upgrade to 3.6.1
https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.6.1 update security issues tracking url as https://tls.mbed.org/security redirect to https://www.trustedfirmware.org/projects/mbed-tls/
This commit is contained in:
parent
b700ee7529
commit
92ba5559a4
2 changed files with 24 additions and 5 deletions
|
@ -2,9 +2,9 @@
|
|||
# Contributor: Łukasz Jendrysik <scadu@yandex.com>
|
||||
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
|
||||
pkgname=mbedtls
|
||||
pkgver=3.6.0 # long-time support branch
|
||||
pkgver=3.6.1 # long-time support branch
|
||||
pkgrel=0
|
||||
_framework_commit=f1aa3f5c96da714f06dd4e23d84ba18e4f3cf359
|
||||
_framework_commit=053518c2ca152b6ae5e791b5d655e539de8bee3e
|
||||
pkgdesc="Light-weight cryptographic and SSL/TLS library"
|
||||
url="https://www.trustedfirmware.org/projects/mbed-tls/"
|
||||
arch="all"
|
||||
|
@ -13,12 +13,17 @@ makedepends="cmake perl python3 samurai"
|
|||
subpackages="$pkgname-static $pkgname-dev $pkgname-utils"
|
||||
source="$pkgname-$pkgver.tar.gz::https://github.com/ARMmbed/mbedtls/archive/v$pkgver.tar.gz
|
||||
$pkgname-framework-$_framework_commit.tar.gz::https://github.com/Mbed-TLS/mbedtls-framework/archive/$_framework_commit.tar.gz
|
||||
gcc14.patch
|
||||
"
|
||||
|
||||
# Track security issues
|
||||
# https://tls.mbed.org/security
|
||||
# https://mbed-tls.readthedocs.io/en/latest/security-advisories/
|
||||
|
||||
# secfixes:
|
||||
# 3.6.1-r0:
|
||||
# - CVE-2024-45157
|
||||
# - CVE-2024-45158
|
||||
# - CVE-2024-45159
|
||||
# 2.28.8-r0:
|
||||
# - CVE-2024-28960
|
||||
# 2.28.7-r0:
|
||||
|
@ -100,6 +105,7 @@ static() {
|
|||
}
|
||||
|
||||
sha512sums="
|
||||
7e50cf2bb2c9abeb56f18a25bc126b96ac5e3329702cf5b2e266df6b649b9544ab5f2ac00bd57e06091e10cdcf907e600c14eb415942d028000d7b6f1c0cfa42 mbedtls-3.6.0.tar.gz
|
||||
9f415f96d6b6c6750dad900e6bc8d5f641e6c322d0cb19143218a4b4e7aee5fa6a7a15fe388b883f5d08b49f2e508c6c4838706133768aa668b972343e547c07 mbedtls-framework-f1aa3f5c96da714f06dd4e23d84ba18e4f3cf359.tar.gz
|
||||
e7985a4e7e07328ae55fdad5212f71ac6af903f2b670c6d4bc2a8d6a4b9b7343697a2fd350a836b9425590c838615cd5b2fa851940bd137bb759fa35cd9f0ee8 mbedtls-3.6.1.tar.gz
|
||||
178ad7a40ba1c367f67fa47c49b4ccffe00506e1407c6988cac8b14a3f66773319eeb74fb505f085f7541c65096c3700d889112836ebd26a28f23f5b0cbb5bfc mbedtls-framework-053518c2ca152b6ae5e791b5d655e539de8bee3e.tar.gz
|
||||
3c07e8f773295a08b1f215b64f1f62e194ec4fa54b6485107a3db0d731e12df1a88321852dd5caeb5f1f4931695168c9618f316cfecfd92c42c88f610285cef6 gcc14.patch
|
||||
"
|
||||
|
|
13
main/mbedtls/gcc14.patch
Normal file
13
main/mbedtls/gcc14.patch
Normal file
|
@ -0,0 +1,13 @@
|
|||
Ref https://github.com/Mbed-TLS/mbedtls/issues/9003
|
||||
|
||||
--- a/library/common.h
|
||||
+++ b/library/common.h
|
||||
@@ -199,7 +199,7 @@ static inline void mbedtls_xor(unsigned
|
||||
uint8x16_t x = veorq_u8(v1, v2);
|
||||
vst1q_u8(r + i, x);
|
||||
}
|
||||
-#if defined(__IAR_SYSTEMS_ICC__)
|
||||
+#if defined(__IAR_SYSTEMS_ICC__) || defined(MBEDTLS_COMPILER_IS_GCC)
|
||||
/* This if statement helps some compilers (e.g., IAR) optimise out the byte-by-byte tail case
|
||||
* where n is a constant multiple of 16.
|
||||
* For other compilers (e.g. recent gcc and clang) it makes no difference if n is a compile-time
|
Loading…
Reference in a new issue