forked from Openwrt/openwrt
31bb27f35b
This is amalgamation of backported changes since 4.7.0-stable release: Sergey V. Lobanov (2):5b13b0b02cwolfssl: update to 5.1.1-stable7d376e6e52libs/wolfssl: add SAN (Subject Alternative Name) support Andre Heider (3):3f8adcb215wolfssl: remove --enable-sha512 configure switch249478ec48wolfssl: always build with --enable-reproducible-build4b212b1306wolfssl: build with WOLFSSL_ALT_CERT_CHAINS Ivan Pavlov (1):16414718f9wolfssl: update to 4.8.1-stable David Bauer (1):f6d8c0cf2bwolfssl: always export wc_ecc_set_rng Christian Lamparter (1):86801bd3d8wolfssl: fix Ed25519 typo in config prompt The diff of security related changes we would need to backport would be so huge, that there would be a high probability of introducing new vulnerabilities, so it was decided, that bumping to latest stable release is the prefered way for fixing following security issues: * OCSP request/response verification issue. (fixed in 4.8.0) * Incorrectly skips OCSP verification in certain situations CVE-2021-38597 (fixed in 4.8.1) * Issue with incorrectly validating a certificate (fixed in 5.0.0) * Hang with DSA signature creation when a specific q value is used (fixed in 5.0.0) * Client side session resumption issue (fixed in 5.1.0) * Potential for DoS attack on a wolfSSL client CVE-2021-44718 (fixed in 5.1.0) * Non-random IV values in certain situations CVE-2022-23408 (fixed in 5.1.1) Cc: Hauke Mehrtens <hauke@hauke-m.de> Cc: Eneas U de Queiroz <cotequeiroz@gmail.com> Signed-off-by: Petr Štetiar <ynezz@true.cz> Acked-by: Hauke Mehrtens <hauke@hauke-m.de> Acked-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
14 lines
296 B
Diff
14 lines
296 B
Diff
diff --git a/configure.ac b/configure.ac
|
|
index 144c857e4..de7f6b45a 100644
|
|
--- a/configure.ac
|
|
+++ b/configure.ac
|
|
@@ -32,7 +32,7 @@ AC_ARG_PROGRAM
|
|
|
|
AC_CONFIG_HEADERS([config.h:config.in])
|
|
|
|
-LT_PREREQ([2.4.2])
|
|
+LT_PREREQ([2.4])
|
|
LT_INIT([disable-static win32-dll])
|
|
|
|
#shared library versioning
|