treewide: fix security issues by bumping all packages using libwolfssl
authorPetr Štetiar <ynezz@true.cz>
Mon, 3 Oct 2022 17:03:15 +0000 (19:03 +0200)
committerPetr Štetiar <ynezz@true.cz>
Wed, 5 Oct 2022 19:37:47 +0000 (21:37 +0200)
commitc8447b8a3829349822c9d26c978959042d697d0a
treea83509ee17d807f385d67615d026a8042fb8c5c2
parent0b9b8e5ae63eee432d121f75a44e9928f7cb3d95
treewide: fix security issues by bumping all packages using libwolfssl

As wolfSSL is having hard time maintaining ABI compatibility between
releases, we need to manually force rebuild of packages depending on
libwolfssl and thus force their upgrade. Otherwise due to the ABI
handling we would endup with possibly two libwolfssl libraries in the
system, including the patched libwolfssl-5.5.1, but still have
vulnerable services running using the vulnerable libwolfssl-5.4.0.

So in order to propagate update of libwolfssl to latest stable release
done in commit ec8fb542ec3e4 ("wolfssl: fix TLSv1.3 RCE in uhttpd by
using 5.5.1-stable (CVE-2022-39173)") which fixes several remotely
exploitable vulnerabilities, we need to bump PKG_RELEASE of all packages
using wolfSSL library.

Same bump has been done in buildroot in commit f1b7e1434f66 ("treewide:
fix security issues by bumping all packages using libwolfssl").

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 845d81ca0976c82829addc23e9e8b95885c910ee)
(cherry picked from commit f624e41f38e82e3b2df83e309e7bb00b68ad0091)
libs/libuhttpd/Makefile
libs/libuwsc/Makefile
net/coova-chilli/Makefile
net/curl/Makefile
net/lighttpd/Makefile
net/openvpn/Makefile
net/strongswan/Makefile
net/wifidog/Makefile
utils/rtty/Makefile