git.ipfire.org Git - thirdparty/openwrt.git/commit

author	Antony Kolitsos <zeusomighty@hotmail.com>
	Tue, 13 May 2025 03:20:13 +0000 (20:20 -0700)
committer	Hauke Mehrtens <hauke@hauke-m.de>
	Thu, 15 May 2025 18:32:41 +0000 (20:32 +0200)
commit	6c51ea2eea438d04161dc97be989c1d82268be56
tree	e54d66584b3d4506cd493272d4df4b7c69d69c88	tree
parent	87bc997e53cd0fc3e47aa8f7679005e7f0741554	commit \| diff

mbedtls: update to 2.28.10

This release of Mbed TLS provides bug fixes and minor enhancements. This release includes fixes for security issues.

Mbed TLS 2.28.10 is the last release of the 2.28 LTS and won't receive bug fixes or security fixes anymore.
Users are advised to upgrade to a maintained version.

* CVE-2025-27810: Potential authentication bypass in TLS handshake [1]
* CVE-2025-27809: TLS clients should generally call mbedtls_ssl_set_hostname [2]

[1] https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-03-2/
[2] https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-03-1/

Full release announcement:
https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-2.28.10

Signed-off-by: Antony Kolitsos <zeusomighty@hotmail.com>
Link: https://github.com/openwrt/openwrt/pull/18793
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>