{"id":810255,"url":"http://patchwork.ozlabs.org/api/1.2/patches/810255/?format=json","web_url":"http://patchwork.ozlabs.org/project/buildroot/patch/4340454882827bf3f55e05edde6241878a072857.1504638326.git.baruch@tkos.co.il/","project":{"id":27,"url":"http://patchwork.ozlabs.org/api/1.2/projects/27/?format=json","name":"Buildroot development","link_name":"buildroot","list_id":"buildroot.buildroot.org","list_email":"buildroot@buildroot.org","web_url":"","scm_url":"","webscm_url":"","list_archive_url":"","list_archive_url_format":"","commit_url_format":""},"msgid":"<4340454882827bf3f55e05edde6241878a072857.1504638326.git.baruch@tkos.co.il>","list_archive_url":null,"date":"2017-09-05T19:05:26","name":"[2/2] mbedtls: security bump to version 2.6.0","commit_ref":"aa70897e292dc5a97a2ec99db3fe3f2b9aeea33b","pull_url":null,"state":"accepted","archived":false,"hash":"f265c513ca50d26bc1959425e4b6be2a48b1a063","submitter":{"id":1458,"url":"http://patchwork.ozlabs.org/api/1.2/people/1458/?format=json","name":"Baruch Siach","email":"baruch@tkos.co.il"},"delegate":null,"mbox":"http://patchwork.ozlabs.org/project/buildroot/patch/4340454882827bf3f55e05edde6241878a072857.1504638326.git.baruch@tkos.co.il/mbox/","series":[{"id":1633,"url":"http://patchwork.ozlabs.org/api/1.2/series/1633/?format=json","web_url":"http://patchwork.ozlabs.org/project/buildroot/list/?series=1633","date":"2017-09-05T19:05:25","name":"[1/2] shairport-sync: fix static link with mbedtls","version":1,"mbox":"http://patchwork.ozlabs.org/series/1633/mbox/"}],"comments":"http://patchwork.ozlabs.org/api/patches/810255/comments/","check":"pending","checks":"http://patchwork.ozlabs.org/api/patches/810255/checks/","tags":{},"related":[],"headers":{"Return-Path":"<buildroot-bounces@busybox.net>","X-Original-To":["incoming@patchwork.ozlabs.org","buildroot@lists.busybox.net"],"Delivered-To":["patchwork-incoming@bilbo.ozlabs.org","buildroot@osuosl.org"],"Authentication-Results":"ozlabs.org;\n\tspf=pass (mailfrom) smtp.mailfrom=busybox.net\n\t(client-ip=140.211.166.138; helo=whitealder.osuosl.org;\n\tenvelope-from=buildroot-bounces@busybox.net;\n\treceiver=<UNKNOWN>)","Received":["from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138])\n\t(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))\n\t(No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 3xmx4t2JDdz9t2R\n\tfor <incoming@patchwork.ozlabs.org>;\n\tWed,  6 Sep 2017 05:05:49 +1000 (AEST)","from localhost (localhost [127.0.0.1])\n\tby whitealder.osuosl.org (Postfix) with ESMTP id BFF618770C;\n\tTue,  5 Sep 2017 19:05:43 +0000 (UTC)","from whitealder.osuosl.org ([127.0.0.1])\n\tby localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)\n\twith ESMTP id EWbdIVEqY-wa; Tue,  5 Sep 2017 19:05:42 +0000 (UTC)","from ash.osuosl.org (ash.osuosl.org [140.211.166.34])\n\tby whitealder.osuosl.org (Postfix) with ESMTP id E2DC38787C;\n\tTue,  5 Sep 2017 19:05:41 +0000 (UTC)","from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138])\n\tby ash.osuosl.org (Postfix) with ESMTP id 25E271C0E93\n\tfor <buildroot@lists.busybox.net>;\n\tTue,  5 Sep 2017 19:05:41 +0000 (UTC)","from localhost (localhost [127.0.0.1])\n\tby whitealder.osuosl.org (Postfix) with ESMTP id 1FE558788C\n\tfor <buildroot@lists.busybox.net>;\n\tTue,  5 Sep 2017 19:05:41 +0000 (UTC)","from whitealder.osuosl.org ([127.0.0.1])\n\tby localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)\n\twith ESMTP id UuJ5o6aLvXj1 for <buildroot@lists.busybox.net>;\n\tTue,  5 Sep 2017 19:05:39 +0000 (UTC)","from mx.tkos.co.il (guitar.tcltek.co.il [192.115.133.116])\n\tby whitealder.osuosl.org (Postfix) with ESMTPS id 506178787C\n\tfor <buildroot@busybox.net>; Tue,  5 Sep 2017 19:05:39 +0000 (UTC)","from tarshish.tkos.co.il (unknown [10.0.8.6])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128\n\tbits)) (No client certificate requested)\n\tby mx.tkos.co.il (Postfix) with ESMTPSA id 0DAF744083B;\n\tTue,  5 Sep 2017 22:05:18 +0300 (IDT)"],"X-Virus-Scanned":["amavisd-new at osuosl.org","amavisd-new at osuosl.org"],"X-Greylist":"domain auto-whitelisted by SQLgrey-1.7.6","From":"Baruch Siach <baruch@tkos.co.il>","To":"buildroot@busybox.net","Date":"Tue,  5 Sep 2017 22:05:26 +0300","Message-Id":"<4340454882827bf3f55e05edde6241878a072857.1504638326.git.baruch@tkos.co.il>","X-Mailer":"git-send-email 2.14.1","In-Reply-To":"<87aa32f0dbacc3252ade43fc605e7f2c310e6465.1504638326.git.baruch@tkos.co.il>","References":"<87aa32f0dbacc3252ade43fc605e7f2c310e6465.1504638326.git.baruch@tkos.co.il>","Subject":"[Buildroot] [PATCH 2/2] mbedtls: security bump to version 2.6.0","X-BeenThere":"buildroot@busybox.net","X-Mailman-Version":"2.1.18-1","Precedence":"list","List-Id":"Discussion and development of buildroot <buildroot.busybox.net>","List-Unsubscribe":"<http://lists.busybox.net/mailman/options/buildroot>,\n\t<mailto:buildroot-request@busybox.net?subject=unsubscribe>","List-Archive":"<http://lists.busybox.net/pipermail/buildroot/>","List-Post":"<mailto:buildroot@busybox.net>","List-Help":"<mailto:buildroot-request@busybox.net?subject=help>","List-Subscribe":"<http://lists.busybox.net/mailman/listinfo/buildroot>,\n\t<mailto:buildroot-request@busybox.net?subject=subscribe>","MIME-Version":"1.0","Content-Type":"text/plain; charset=\"us-ascii\"","Content-Transfer-Encoding":"7bit","Errors-To":"buildroot-bounces@busybox.net","Sender":"\"buildroot\" <buildroot-bounces@busybox.net>"},"content":"Fixes CVE-2017-14032: authentication bypass.\n\nhttps://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2017-02\n\nAdd license hash.\n\nCc: Gustavo Zacarias <gustavo@zacarias.com.ar>\nSigned-off-by: Baruch Siach <baruch@tkos.co.il>\n---\n package/mbedtls/mbedtls.hash | 7 +++++--\n package/mbedtls/mbedtls.mk   | 2 +-\n 2 files changed, 6 insertions(+), 3 deletions(-)","diff":"diff --git a/package/mbedtls/mbedtls.hash b/package/mbedtls/mbedtls.hash\nindex 70a0dc506d93..d04b8677540a 100644\n--- a/package/mbedtls/mbedtls.hash\n+++ b/package/mbedtls/mbedtls.hash\n@@ -1,2 +1,5 @@\n-# From https://tls.mbed.org/tech-updates/releases/mbedtls-2.4.2-2.1.7-and-1.3.19-released\n-sha256\t17dd98af7478aadacc480c7e4159e447353b5b2037c1b6d48ed4fd157fb1b018\tmbedtls-2.4.2-apache.tgz\n+# From https://tls.mbed.org/tech-updates/releases/mbedtls-2.6.0-2.1.9-and-1.3.21-released\n+sha1\te914288da50977f541773f9d36e26f14926594a5\tmbedtls-2.6.0-apache.tgz\n+sha256\t99bc9d4212d3d885eeb96273bcde8ecc649a481404b8d7ea7bb26397c9909687\tmbedtls-2.6.0-apache.tgz\n+# Locally calculated\n+sha256\tcfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30\tapache-2.0.txt\ndiff --git a/package/mbedtls/mbedtls.mk b/package/mbedtls/mbedtls.mk\nindex a571ed0e52f1..64ce18cf6fe5 100644\n--- a/package/mbedtls/mbedtls.mk\n+++ b/package/mbedtls/mbedtls.mk\n@@ -5,7 +5,7 @@\n ################################################################################\n \n MBEDTLS_SITE = https://tls.mbed.org/code/releases\n-MBEDTLS_VERSION = 2.4.2\n+MBEDTLS_VERSION = 2.6.0\n MBEDTLS_SOURCE = mbedtls-$(MBEDTLS_VERSION)-apache.tgz\n MBEDTLS_CONF_OPTS = \\\n \t-DENABLE_PROGRAMS=$(if $(BR2_PACKAGE_MBEDTLS_PROGRAMS),ON,OFF) \\\n","prefixes":["2/2"]}