freebsd/ports
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
02dbfbc67645e88e9865f2885b124da170688c33
ports/security/wolfssl/distinfo
Santhosh Raju e4b7701144 security/wolfssl: Updates to v4.8.1 
Changes since v4.8.0:

wolfSSL Release 4.8.1 (July 16, 2021)

Release 4.8.1 of wolfSSL embedded TLS has an OCSP vulnerability fix:
Vulnerabilities

  * [High] OCSP verification issue when response is for a certificate with no
    relation to the chain in question BUT that response contains the NoCheck
    extension which effectively disables ALL verification of that one cert.
    Users who should upgrade to 4.8.1 are TLS client users doing OCSP, TLS
    server users doing mutual auth with OCSP, and CertManager users doing OCSP
    independent of TLS. Thanks to Jan Nauber, Marco Smeets, Werner Rueschenbaum
    and Alissa Kim of Volkswagen Infotainment for the report.
2021-07-24 10:19:39 +05:30

4 lines
153 B
Plaintext
Raw Blame History

TIMESTAMP = 1627101426
SHA256 (wolfssl-4.8.1.zip) = 149299b90a6546a91e781c645187254d19c510286bc0c2bffaad0326ad5a8b6e
SIZE (wolfssl-4.8.1.zip) = 11836201
Reference in New Issue View Git Blame Copy Permalink