[pkgsrc/trunk]: pkgsrc/security/mbedtls mbedtls: Update to 2.16.6

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/security/mbedtls mbedtls: Update to 2.16.6
From: nia <nia%pkgsrc.org@localhost>
Date: Sat, 18 Apr 2020 15:54:41 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/4509285815bf
branches:  trunk
changeset: 427631:4509285815bf
user:      nia <nia%pkgsrc.org@localhost>
date:      Sat Apr 18 14:21:56 2020 +0000

description:
mbedtls: Update to 2.16.6

= mbed TLS 2.16.6 branch released 2020-04-14

Security
   * Fix side channel in ECC code that allowed an adversary with access to
     precise enough timing and memory access information (typically an
     untrusted operating system attacking a secure enclave) to fully recover
     an ECDSA private key. Found and reported by Alejandro Cabrera Aldaya,
     Billy Brumley and Cesar Pereida Garcia. CVE-2020-10932
   * Fix a potentially remotely exploitable buffer overread in a
     DTLS client when parsing the Hello Verify Request message.

Bugfix
   * Fix compilation failure when both MBEDTLS_SSL_PROTO_DTLS and
     MBEDTLS_SSL_HW_RECORD_ACCEL are enabled.
   * Fix a function name in a debug message. Contributed by Ercan Ozturk in
     #3013.

diffstat:

 security/mbedtls/Makefile |   4 ++--
 security/mbedtls/distinfo |  10 +++++-----
 2 files changed, 7 insertions(+), 7 deletions(-)

diffs (28 lines):

diff -r c93c7f1a89bd -r 4509285815bf security/mbedtls/Makefile
--- a/security/mbedtls/Makefile Sat Apr 18 14:19:13 2020 +0000
+++ b/security/mbedtls/Makefile Sat Apr 18 14:21:56 2020 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.13 2020/03/22 07:47:00 nia Exp $
+# $NetBSD: Makefile,v 1.14 2020/04/18 14:21:56 nia Exp $
 
-DISTNAME=      mbedtls-2.16.5-apache
+DISTNAME=      mbedtls-2.16.6-apache
 PKGNAME=       ${DISTNAME:-apache=}
 CATEGORIES=    security devel
 MASTER_SITES=  https://tls.mbed.org/download/
diff -r c93c7f1a89bd -r 4509285815bf security/mbedtls/distinfo
--- a/security/mbedtls/distinfo Sat Apr 18 14:19:13 2020 +0000
+++ b/security/mbedtls/distinfo Sat Apr 18 14:21:56 2020 +0000
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.8 2020/02/29 11:45:02 nia Exp $
+$NetBSD: distinfo,v 1.9 2020/04/18 14:21:56 nia Exp $
 
-SHA1 (mbedtls-2.16.5-apache.tgz) = c36962183e05467aa1dadafcaacf90216a737866
-RMD160 (mbedtls-2.16.5-apache.tgz) = 92e0ffc42f519518472048109c0caa138a7ebe81
-SHA512 (mbedtls-2.16.5-apache.tgz) = 89a6a2cc6fe8b568396caed5fe8428ff5debf833c643b0e4c3144fdc474b127d156d8f5e5ea47a8b5d6522a2689e91a57abc533390b3f54aaa2c756ef6d3baf7
-Size (mbedtls-2.16.5-apache.tgz) = 2695416 bytes
+SHA1 (mbedtls-2.16.6-apache.tgz) = 3cb5b681597a5bd798d31038c129c0dc911d8a2c
+RMD160 (mbedtls-2.16.6-apache.tgz) = da5ede944292874afdb24a8fe21c643b34255206
+SHA512 (mbedtls-2.16.6-apache.tgz) = a0c48b694d7bc70256d26c44bfb2ac802428560b02e50fe2e47762bc595e2c7b8fac934badb3452acb01d8a54386eafae0ff2894320d24ab7554f1c8e6cb4bcf
+Size (mbedtls-2.16.6-apache.tgz) = 2699220 bytes
 SHA1 (patch-library_net__sockets.c) = cd8f9cf84947800eb73d004847789626511ceb35

Prev by Date: [pkgsrc/trunk]: pkgsrc/www/go-parse www/go-parse: Update to 2.4.2
Next by Date: [pkgsrc/trunk]: pkgsrc/doc doc: Updated security/mbedtls to 2.16.6
Previous by Thread: [pkgsrc/trunk]: pkgsrc/www/go-parse www/go-parse: Update to 2.4.2
Next by Thread: [pkgsrc/trunk]: pkgsrc/doc doc: Updated security/mbedtls to 2.16.6
Indexes:

Home | Main Index | Thread Index | Old Index