Patch axTLS CVEs and fix CA verification (#5270)

Browse Source

Apply patches developed by Sze Yiu Chau <schau@purdue.edu> which
correct a vulnerability in X509 parsing.

See CVE-2018-16150 and CVE-2018-16149 for more info.

CA certification validation was broken by a change put in during warning
cleanup a long time ago.  This binary now includes the 1-line correction
and HTTPSRequestCACert now works again (before was failing
because the key usages in certs were not properly read).

...

This commit is contained in:

Earle F. Philhower, III 2018-10-24 12:47:11 -07:00 committed by GitHub

parent a063c2b36f

commit 42c977bd4d

No known key found for this signature in database

GPG Key ID: 4AEE18F83AFDEB23

1 changed files with 0 additions and 0 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN

tools/sdk/lib/libaxtls.a

Binary file not shown.