Hi, The attached debdiff contains an updated d/changelog (plus, an excerpt below):
(1) The target release now says 'bullseye'.
(2) Pursuant to a request from the security team, the annotation
CVE-2021-37155 was added to PR 3990.
Is this ready to upload? Thanks!
Kind regards,
Felix Lechner
* * *
wolfssl (4.6.0+p1-1) bullseye; urgency=medium
* Stable update to address the following vulnerabilities. All fixes were
backported by upstream:
- PR 3676: CVE-2021-3336
- PR 3990: CVE-2021-37155 (OCSP Match Issue)
- PR 4211: CVE-2021-38597
- PR 4629: CVE-2021-44718
- PR 4813: CVE-2022-25638
- PR 4831: CVE-2022-25640
* Drop 58f9b6ec01f0caf89e9e4d37a8816b310005aaf1.patch, which was previously
cherry-picked from upstream.
* Upstream updated some certificates in the test suite.
-- Felix Lechner <felix.lech...@lease-up.com> Mon, 14 Mar 2022 15:45:37 -0700
wolfssl_4.6.0-3.dsc_wolfssl_4.6.0+p1-1.dsc.debdiff.xz
Description: application/xz
