Subject: CVS commit: pkgsrc/security/wolfssl
From: Santhosh Raju
Date: 2021-07-24 06:45:06
Message id: 20210724044506.446A8FA95@cvs.NetBSD.org

Log Message:
security/wolfssl: Updates to v4.8.1

Changes since v4.8.0:

wolfSSL Release 4.8.1 (July 16, 2021)

Release 4.8.1 of wolfSSL embedded TLS has an OCSP vulnerability fix:
Vulnerabilities

  * [High] OCSP verification issue when response is for a certificate with no
    relation to the chain in question BUT that response contains the NoCheck
    extension which effectively disables ALL verification of that one cert.
    Users who should upgrade to 4.8.1 are TLS client users doing OCSP, TLS
    server users doing mutual auth with OCSP, and CertManager users doing OCSP
    independent of TLS. Thanks to Jan Nauber, Marco Smeets, Werner Rueschenbaum
    and Alissa Kim of Volkswagen Infotainment for the report.

Files:
RevisionActionfile
1.8modifypkgsrc/security/wolfssl/Makefile
1.7modifypkgsrc/security/wolfssl/distinfo