10000 Patch axTLS CVEs and fix CA verification (#5270) · esp8266/Arduino@42c977b · GitHub
[go: up one dir, main page]
Skip to content

Commit 42c977b

Browse files
earlephilhowerearlephilhower
authored
Patch axTLS CVEs and fix CA verification (#5270)
Apply patches developed by Sze Yiu Chau <schau@purdue.edu> which correct a vulnerability in X509 parsing. See CVE-2018-16150 and CVE-2018-16149 for more info. CA certification validation was broken by a change put in during warning cleanup a long time ago. This binary now includes the 1-line correction and HTTPSRequestCACert now works again (before was failing because the key usages in certs were not properly read).
1 parent a063c2b commit 42c977b

File tree

1 file changed

+0
-0
lines changed

1 file changed

+0
-0
lines changed

tools/sdk/lib/libaxtls.a

3.27 KB
Binary file not shown.

0 commit comments

Comments
 (0)
0