summaryrefslogtreecommitdiffstats
path: root/meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7395-3.patch
diff options
context:
space:
mode:
authorGyorgy Sarvari <skandigraun@gmail.com>2025-12-24 13:53:26 +0100
committerAnuj Mittal <anuj.mittal@oss.qualcomm.com>2025-12-30 07:08:15 +0530
commitb7180060eb8a1da2731a74c9b66ea1a3050143cd (patch)
treefba547d635e6b739c4b9f49d1c0cf99663b6be81 /meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7395-3.patch
parente7b55c84bb89aa5f61ec5738f4869b7366afd06e (diff)
downloadmeta-openembedded-b7180060eb8a1da2731a74c9b66ea1a3050143cd.tar.gz
wolfssl: patch CVE-2025-7395
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-7395 Backport the patches from the PR[1] that is referenced by the project's changelog[2] to fix this issue. [1]: https://github.com/wolfSSL/wolfssl/pull/8833 [2]: https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Diffstat (limited to 'meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7395-3.patch')
-rw-r--r--meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7395-3.patch25
1 files changed, 25 insertions, 0 deletions
diff --git a/meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7395-3.patch b/meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7395-3.patch
new file mode 100644
index 0000000000..a7e1c336f3
--- /dev/null
+++ b/meta-networking/recipes-connectivity/wolfssl/files/CVE-2025-7395-3.patch
@@ -0,0 +1,25 @@
1From f2a85e37e552d8dfafa2cbf32507b2fa545ee593 Mon Sep 17 00:00:00 2001
2From: Brett <bigbrett@users.noreply.github.com>
3Date: Wed, 4 Jun 2025 16:56:16 -0600
4Subject: [PATCH] add missing error trace macro
5
6CVE: CVE-2025-7395
7Upstream-Status: Backport [https://github.com/wolfSSL/wolfssl/commit/0e2a3fd0b64bc6ba633aa9227e92ecacb42b5b1b]
8Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
9---
10 src/internal.c | 2 +-
11 1 file changed, 1 insertion(+), 1 deletion(-)
12
13diff --git a/src/internal.c b/src/internal.c
14index 79f584a0a..5557b5698 100644
15--- a/src/internal.c
16+++ b/src/internal.c
17@@ -15991,7 +15991,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
18 /* If we can't validate the peer cert chain against the CAs loaded
19 * into wolfSSL, try to validate against the system certificates
20 * using Apple's native trust APIs */
21- if ((ret == ASN_NO_SIGNER_E) &&
22+ if ((ret == WC_NO_ERR_TRACE(ASN_NO_SIGNER_E)) &&
23 (ssl->ctx->doAppleNativeCertValidationFlag)) {
24 if (DoAppleNativeCertValidation(ssl, args->certs,
25 args->totalCerts)) {