On Tue, Sep 17, 2019 at 10:52 AM Eneas U de Queiroz <cotequei...@gmail.com> wrote: > > This version fixes 3 low-severity vulnerabilities: > > - CVE-2019-1547: ECDSA remote timing attack > - CVE-2019-1549: Fork Protection > - CVE-2019-1563: Padding Oracle in PKCS7_dataDecode and > CMS_decrypt_set1_pkey > > Patches were refreshed. > > Signed-off-by: Eneas U de Queiroz <cotequei...@gmail.com> > > -- > Run-tested on WRT3200ACM, mvebu, running openwrt master, using uhttpd, > nginx, openssl-util, and uclient-fetch; devcrypto engine specifically > tested. > > This should be cherry-picked to openwrt-19.07 as well. >
Can someone please cherry pick this to 19.07: d868d0a5d7e1d76bb1a8980346d222fae55fa18b If I should rather send a proper patch to list, please let me know. BR Eneas _______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel