From: Chen Pei <[email protected]> Version 2.19.3, 2022-11-16 CVE-2022-43705: A malicious OCSP responder could forge OCSP responses due to a failure to validate that an embedded certificate was issued by the end-entity issuing certificate authority.
Signed-off-by: Chen Pei <[email protected]> Signed-off-by: Khem Raj <[email protected]> (cherry picked from commit 2392dc79254a223da260c4b3b639d738e81b06a5) Signed-off-by: Armin Kuster <[email protected]> --- .../recipes-crypto/botan/{botan_2.19.2.bb => botan_2.19.3.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-oe/recipes-crypto/botan/{botan_2.19.2.bb => botan_2.19.3.bb} (93%) diff --git a/meta-oe/recipes-crypto/botan/botan_2.19.2.bb b/meta-oe/recipes-crypto/botan/botan_2.19.3.bb similarity index 93% rename from meta-oe/recipes-crypto/botan/botan_2.19.2.bb rename to meta-oe/recipes-crypto/botan/botan_2.19.3.bb index 5261367db2..8d9d423ce7 100644 --- a/meta-oe/recipes-crypto/botan/botan_2.19.2.bb +++ b/meta-oe/recipes-crypto/botan/botan_2.19.3.bb @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://license.txt;md5=f4ce98476c07c34e1793daa036960fad" SECTION = "libs" SRC_URI = "https://botan.randombit.net/releases/Botan-${PV}.tar.xz"; -SRC_URI[sha256sum] = "3af5f17615c6b5cd8b832d269fb6cb4d54ec64f9eb09ddbf1add5093941b4d75" +SRC_URI[sha256sum] = "dae047f399c5a47f087db5d3d9d9e8f11ae4985d14c928d71da1aff801802d55" S = "${WORKDIR}/Botan-${PV}" -- 2.25.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#100457): https://lists.openembedded.org/g/openembedded-devel/message/100457 Mute This Topic: https://lists.openembedded.org/mt/96132630/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
