NOTICE: This package has been removed from pkgsrc

./security/mbedtls1, Lightweight, modular cryptographic and SSL/TLS library

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ]


Branch: CURRENT, Version: 1.3.17nb3, Package name: mbedtls-1.3.17nb3, Maintainer: pkgsrc-users

mbed TLS (formerly known as PolarSSL) makes it trivially easy for developers
to include cryptographic and SSL/TLS capabilities in their (embedded)
products, facilitating this functionality with a minimal coding footprint.

This package holds the maintenance 1.3.x branch of mbedtls.


Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: f6e6d0e08e4425e0cbd141dd007541fedfff2a3e
RMD160: e923a83cc73a3f9a0e529921394417e60dbf5df8
Filesize: 1725.191 KB

Version history: (Expand)


CVS history: (Expand)


   2020-03-22 08:54:23 by Nia Alarie | Files touched by this commit (9) | Package removed
Log message:
mbedtls1: Remove, unmaintained and unused in pkgsrc
   2020-01-18 22:51:16 by Jonathan Perkin | Files touched by this commit (1836)
Log message:
*: Recursive revision bump for openssl 1.1.1.
   2019-11-04 22:13:04 by Roland Illig | Files touched by this commit (118)
Log message:
security: align variable assignments

pkglint -Wall -F --only aligned --only indent -r

No manual corrections.
   2019-08-11 15:25:21 by Thomas Klausner | Files touched by this commit (3557)
Log message:
Bump PKGREVISIONs for perl 5.30.0
   2018-08-22 11:48:07 by Thomas Klausner | Files touched by this commit (3558)
Log message:
Recursive bump for perl5-5.28.0
   2016-09-15 12:48:01 by Filip Hajny | Files touched by this commit (3)
Log message:
Update security/mbedtls1 to 1.3.17

Security
- Fixed missing padding length check required by PKCS1 v2.2 in
  mbedtls_rsa_rsaes_pkcs1_v15_decrypt(). (considered low impact)
- Fixed potential integer overflow to buffer overflow in
  mbedtls_rsa_rsaes_pkcs1_v15_encrypt() and
  mbedtls_rsa_rsaes_oaep_encrypt(). (not triggerable remotely in
  (D)TLS).
- Fixed potential integer underflow to buffer overread in
  mbedtls_rsa_rsaes_oaep_decrypt(). It is not triggerable remotely
in SSL/TLS.

Bugfix
- Fixed bug in mbedtls_mpi_add_mpi() that caused wrong results
  when the three arguments were the same (in-place doubling). #309
- Fixed issue in Makefile that prevented building using armar.
  #386
- Fixed issue that caused a hang when generating RSA keys of odd
  bitlength.
- Fixed bug in mbedtls_rsa_rsaes_pkcs1_v15_encrypt() that made
  null pointer dereference possible.
- Fixed issue that caused a crash if invalid curves were passed to
  mbedtls_ssl_conf_curves(). #373

Changes
- On ARM platforms, when compiling with -O0 with GCC, Clang or
  armcc5, don't use the optimized assembly for bignum
  multiplication. This removes the need to pass -fomit-frame-pointer
  to avoid a build error with -O0.
- Disabled SSLv3 in the default configuration.
   2016-07-09 08:39:18 by Thomas Klausner | Files touched by this commit (1068)
Log message:
Bump PKGREVISION for perl-5.24.0 for everything mentioning perl.
   2016-06-16 11:21:11 by Filip Hajny | Files touched by this commit (9)
Log message:
Import mbedtls-1.3.16 as security/mbedtls1.

This is based on security/mbedtls and only meant for compatibility
with software that doesn't support mbedtls>=2 yet (mainly requires
the PolarSSL compatibility layer).