---
- branch: MAIN
  date: Mon Mar  8 03:44:35 UTC 2021
  files:
  - new: '1.6'
    old: '1.5'
    path: pkgsrc/security/wolfssl/Makefile
    pathrev: pkgsrc/security/wolfssl/Makefile@1.6
    type: modified
  - new: '1.5'
    old: '1.4'
    path: pkgsrc/security/wolfssl/distinfo
    pathrev: pkgsrc/security/wolfssl/distinfo@1.5
    type: modified
  id: 20210308T034435Z.189c8c8540488f2c46ba030ad8503054afad2d4e
  log: "security/wolfssl: Updates to v4.7.0\n\nChanges since v4.6.0:\n\nwolfSSL Release
    4.7.0 (February 16, 2021)\n\nRelease 4.7.0 of wolfSSL embedded TLS has bug fixes
    and new features including:\nNew Feature Additions\n\n  * Compatibility Layer
    expansion SSL_get_verify_mode, X509_VERIFY_PARAM API,\n    X509_STORE_CTX API
    added\n  * WOLFSSL_PSK_IDENTITY_ALERT macro added for enabling a subset of TLS
    alerts\n  * Function wolfSSL_CTX_NoTicketTLSv12 added to enable turning off session\n
    \   tickets with TLS 1.2 while keeping TLS 1.3 session tickets available\n  *
    Implement RFC 5705: Keying Material Exporters for TLS\n  * Added --enable-reproducible-build
    flag for making more deterministic\n    library outputs to assist debugging\n
    \ * Added support for S/MIME (Secure/Multipurpose Internet Mail Extensions)\n
    \   bundles\n\nFixes\n\n  * Fix to free mutex when cert manager is freeâ\x80\x99d\n
    \ * Compatibility layer EVP function to return the correct block size and type\n
    \ * DTLS secure renegotiation fixes including resetting timeout and retransmit\n
    \   on duplicate HelloRequest\n  * Fix for edge case with shrink buffer and secure
    renegotiation\n  * Compile fix for type used with curve448 and PPC64\n  * Fixes
    for SP math all with PPC64 and other embedded compilers\n  * SP math all fix when
    performing montgomery reduction on one word modulus\n  * Fixes to SP math all
    to better support digit size of 8-bit\n  * Fix for results of edge case with SP
    integer square operation\n  * Stop non-ct mod inv from using register x29 with
    SP ARM64 build\n  * Fix edge case when generating z value of ECC with SP code\n
    \ * Fixes for PKCS7 with crypto callback (devId) with RSA and RNG\n  * Fix for
    compiling builds with RSA verify and public only\n  * Fix for PKCS11 not properly
    exporting the public key due to a missing key\n    type field\n  * Call certificate
    callback with certificate depth issues\n  * Fix for out-of-bounds read in TLSX_CSR_Parse()\n
    \ * Fix incorrect AES-GCM tag generation in the EVP layer\n  * Fix for out of
    bounds write with SP math all enabled and an edge case of\n    calling sp_tohex
    on the result of sp_mont_norm\n  * Fix for parameter check in sp_rand_prime to
    handle 0 length values\n  * Fix for edge case of failing malloc resulting in an
    out of bounds write\n    with SHA256/SHA512 when small stack is enabled\n\nImprovements/Optimizations\n\n
    \ * Added --enable-wolftpm option for easily building wolfSSL to be used with\n
    \   wolfTPM\n  * DTLS macro WOLFSSL_DTLS_RESEND_ONLY_TIMEOUT added for resending
    flight\n    only after a timeout\n  * Update linux kernel module to use kvmalloc
    and kvfree\n  * Add user settings option to cmake build\n  * Added support for
    AES GCM session ticket encryption\n  * Thread protection for global RNG used by
    wolfSSL_RAND_bytes function calls\n  * Sanity check on FIPs configure flag used
    against the version of FIPs\n    bundle\n  * --enable-aesgcm=table now is compatible
    with --enable-linuxkm\n  * Increase output buffer size that wolfSSL_RAND_bytes
    can handle\n  * Out of directory builds resolved, wolfSSL can now be built in
    a separate\n    directory than the root wolfssl directory\n\nVulnerabilities\n\n
    \ * [HIGH] CVE-2021-3336: In earlier versions of wolfSSL there exists a\n    potential
    man in the middle attack on TLS 1.3 clients. Malicious\n    attackers with a privileged
    network position can impersonate TLS 1.3\n    servers and bypass authentication.
    Users that have applications with\n    client side code and have TLS 1.3 turned
    on, should update to the latest\n    version of wolfSSL. Users that do not have
    TLS 1.3 turned on, or that are\n    server side only, are NOT affected by this
    report. For the code change\n    see #3676. Thanks to Aina Toky Rasoamanana and
    Olivier Levillain from\n    TÃ©lÃ©com SudParis for the report.\n  * [LOW] In the
    case of using custom ECC curves there is the potential for a\n    crafted compressed
    ECC key that has a custom prime value to cause a hang\n    when imported. This
    only affects applications that are loading in ECC keys\n    with wolfSSL builds
    that have compressed ECC keys and custom ECC curves\n    enabled.\n  * [LOW] With
    TLS 1.3 authenticated-only ciphers a section of the server\n    hello could contain
    16 bytes of uninitialized data when sent to the\n    connected peer. This affects
    only a specific build of wolfSSL with TLS\n    1.3 early data enabled and using
    authenticated-only ciphers with TLS 1.3.\n\nFor additional vulnerability information
    visit the vulnerability page at\nhttps://www.wolfssl.com/docs/security-vulnerabilities/\n\nSee
    INSTALL file for build instructions.\nMore info can be found on-line at https://wolfssl.com/wolfSSL/Docs.html\n"
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/security/wolfssl'
  unixtime: '1615175075'
  user: fox