hurricos/openwrt-mirror
1
0
Fork 0
mirror of git://git.openwrt.org/openwrt/openwrt.git synced 2025-12-15 09:02:10 -05:00
Code Issues Projects Releases Wiki Activity
5ff7149a08
openwrt-mirror/package/libs/mbedtls
History
Magnus Kroken 53ab5629c3 mbedtls: update to 3.6.3 
This release of Mbed TLS provides the fix for a tls compatibility issue of handling fragmented handshake messages.
This release includes fixes for security issues.

* Potential authentication bypass in TLS handshake (CVE-2025-27810) [1]
* TLS clients may unwittingly skip server authentication (CVE-2025-27809) [2]

[1]: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-03-2/
[2]: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-03-1/

Full release announcement:
https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.6.3

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/18353
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 1732d81d80)
2025-04-01 00:31:41 +02:00
..
patches mbedtls: update to 3.6.3 2025-04-01 00:31:41 +02:00
Config.in mbedtls: Deactivate ARIA block cipher by default 2025-01-03 21:55:41 +01:00
Makefile mbedtls: update to 3.6.3 2025-04-01 00:31:41 +02:00