Buildroot Archive on lore.kernel.org
 help / color / mirror / Atom feed
From: Thomas Perale via buildroot <buildroot@buildroot.org>
To: buildroot@buildroot.org
Cc: "Jérôme Pouiller" <jezz@sysmic.org>,
	"Sergio Prado" <sergio.prado@e-labworks.com>
Subject: [Buildroot] [PATCH 2/2] package/wolfssl: security bump to v5.9.2
Date: Tue, 30 Jun 2026 23:27:17 +0200	[thread overview]
Message-ID: <20260630212717.604030-2-thomas.perale@mind.be> (raw)
In-Reply-To: <20260630212717.604030-1-thomas.perale@mind.be>

For more information about the release, see:

- https://github.com/wolfSSL/wolfssl/releases/tag/v5.9.2-stable

Fixes the following vulnerabilities:

- CVE-2026-6091: https://www.cve.org/CVERecord?id=CVE-2026-6091

- CVE-2026-6092: https://www.cve.org/CVERecord?id=CVE-2026-6092

- CVE-2026-6094: https://www.cve.org/CVERecord?id=CVE-2026-6094

- CVE-2026-6291: https://www.cve.org/CVERecord?id=CVE-2026-6291

- CVE-2026-6325: https://www.cve.org/CVERecord?id=CVE-2026-6325

- CVE-2026-6329: https://www.cve.org/CVERecord?id=CVE-2026-6329

- CVE-2026-6330: https://www.cve.org/CVERecord?id=CVE-2026-6330

- CVE-2026-6331: https://www.cve.org/CVERecord?id=CVE-2026-6331

- CVE-2026-6412: https://www.cve.org/CVERecord?id=CVE-2026-6412

- CVE-2026-6450: https://www.cve.org/CVERecord?id=CVE-2026-6450

- CVE-2026-6678: https://www.cve.org/CVERecord?id=CVE-2026-6678

- CVE-2026-6681: https://www.cve.org/CVERecord?id=CVE-2026-6681

- CVE-2026-6731: https://www.cve.org/CVERecord?id=CVE-2026-6731

- CVE-2026-7511: https://www.cve.org/CVERecord?id=CVE-2026-7511

- CVE-2026-7531: https://www.cve.org/CVERecord?id=CVE-2026-7531

- CVE-2026-7532: https://www.cve.org/CVERecord?id=CVE-2026-7532

- CVE-2026-8720: https://www.cve.org/CVERecord?id=CVE-2026-8720

- CVE-2026-10097: https://www.cve.org/CVERecord?id=CVE-2026-10097

- CVE-2026-10098: https://www.cve.org/CVERecord?id=CVE-2026-10098

- CVE-2026-10512: https://www.cve.org/CVERecord?id=CVE-2026-10512

- CVE-2026-10592: https://www.cve.org/CVERecord?id=CVE-2026-10592

- CVE-2026-11310: https://www.cve.org/CVERecord?id=CVE-2026-11310

- CVE-2026-11703: https://www.cve.org/CVERecord?id=CVE-2026-11703

- CVE-2026-11999: https://www.cve.org/CVERecord?id=CVE-2026-11999

- CVE-2026-12340: https://www.cve.org/CVERecord?id=CVE-2026-12340

- CVE-2026-55958: https://www.cve.org/CVERecord?id=CVE-2026-55958

- CVE-2026-55960: https://www.cve.org/CVERecord?id=CVE-2026-55960

- CVE-2026-55961: https://www.cve.org/CVERecord?id=CVE-2026-55961

- CVE-2026-55962: https://www.cve.org/CVERecord?id=CVE-2026-55962

- CVE-2026-55964: https://www.cve.org/CVERecord?id=CVE-2026-55964

- CVE-2026-55967: https://www.cve.org/CVERecord?id=CVE-2026-55967

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
---
 ...TS_H-in-options.h-rather-than-config.patch | 59 -------------------
 package/wolfssl/wolfssl.hash                  |  2 +-
 package/wolfssl/wolfssl.mk                    |  2 +-
 3 files changed, 2 insertions(+), 61 deletions(-)
 delete mode 100644 package/wolfssl/0001-Define-HAVE_LIMITS_H-in-options.h-rather-than-config.patch

diff --git a/package/wolfssl/0001-Define-HAVE_LIMITS_H-in-options.h-rather-than-config.patch b/package/wolfssl/0001-Define-HAVE_LIMITS_H-in-options.h-rather-than-config.patch
deleted file mode 100644
index 0599f9d615..0000000000
--- a/package/wolfssl/0001-Define-HAVE_LIMITS_H-in-options.h-rather-than-config.patch
+++ /dev/null
@@ -1,59 +0,0 @@
-From b54173fc402c30e81d66b84e2f9725cb6d944b40 Mon Sep 17 00:00:00 2001
-From: Kareem <kareem@wolfssl.com>
-Date: Fri, 27 Mar 2026 17:01:02 -0700
-Subject: [PATCH] Define HAVE_LIMITS_H in options.h rather than config.h since
- types.h depends on this definition and config.h isn't consistently available
- at runtime. Fixes #9936.
-
-Upstream: https://github.com/wolfSSL/wolfssl/pull/10097
-
-Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
----
- cmake/config.in    | 3 ---
- cmake/options.h.in | 3 +++
- configure.ac       | 4 +++-
- 3 files changed, 6 insertions(+), 4 deletions(-)
-
-diff --git a/cmake/config.in b/cmake/config.in
-index f2524e41e43..6054b6dbe7b 100644
---- a/cmake/config.in
-+++ b/cmake/config.in
-@@ -19,9 +19,6 @@
- /* Define to 1 if you have the `gmtime_r' function. */
- #cmakedefine HAVE_GMTIME_R @HAVE_GMTIME_R@
- 
--/* Define to 1 if you have the <limits.h> header file. */
--#cmakedefine HAVE_LIMITS_H @HAVE_LIMITS_H@
--
- /* Define to 1 if you have the <pcap/pcap.h> header file. */
- #cmakedefine HAVE_PCAP_PCAP_H @HAVE_PCAP_PCAP_H@
- 
-diff --git a/cmake/options.h.in b/cmake/options.h.in
-index 985b54241d6..c46ada8045d 100644
---- a/cmake/options.h.in
-+++ b/cmake/options.h.in
-@@ -33,6 +33,9 @@ extern "C" {
- #endif
- 
- #ifndef WOLFSSL_OPTIONS_IGNORE_SYS
-+/* Since types.h depends on HAVE_LIMITS_H, we must define it in options.h. */
-+#undef HAVE_LIMITS_H
-+#cmakedefine HAVE_LIMITS_H @HAVE_LIMITS_H@
- #undef _GNU_SOURCE
- #cmakedefine _GNU_SOURCE
- #undef _POSIX_THREADS
-diff --git a/configure.ac b/configure.ac
-index bce600f2ecc..c5cf9f320c7 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -185,7 +185,9 @@ AC_ARG_ENABLE([freebsdkm-crypto-register],
-     [ENABLED_BSDKM_REGISTER=no]
-     )
- 
--AC_CHECK_HEADERS([arpa/inet.h fcntl.h limits.h netdb.h netinet/in.h stddef.h time.h sys/ioctl.h sys/socket.h sys/time.h errno.h sys/un.h ctype.h sys/random.h])
-+AC_CHECK_HEADERS([arpa/inet.h fcntl.h netdb.h netinet/in.h stddef.h time.h sys/ioctl.h sys/socket.h sys/time.h errno.h sys/un.h ctype.h sys/random.h])
-+# Special case: Since types.h depends on HAVE_LIMITS_H, we must define it in options.h.
-+AC_CHECK_HEADER([limits.h], [AM_CPPFLAGS="$AM_CPPFLAGS -DHAVE_LIMITS_H=1"], [])
- AC_CHECK_LIB([network],[socket])
- AC_C_BIGENDIAN
- AC_C___ATOMIC
diff --git a/package/wolfssl/wolfssl.hash b/package/wolfssl/wolfssl.hash
index e1ecd5f98a..c259734875 100644
--- a/package/wolfssl/wolfssl.hash
+++ b/package/wolfssl/wolfssl.hash
@@ -1,5 +1,5 @@
 # Locally computed:
-sha256  d5ca7af48cd2d9a91d539e9baedeba55a0605a28d7ac8b01dc3d5254a13ca341  wolfssl-5.9.1.tar.gz
+sha256  2f4ef3d4fd387a9b3191d36a6316d69116c46ff69bb9583b6c82b36d7b8ca114  wolfssl-5.9.2.tar.gz
 
 # Hash for license files:
 sha256  8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903  COPYING
diff --git a/package/wolfssl/wolfssl.mk b/package/wolfssl/wolfssl.mk
index 44f51e06e6..779fd2cabf 100644
--- a/package/wolfssl/wolfssl.mk
+++ b/package/wolfssl/wolfssl.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-WOLFSSL_VERSION = 5.9.1
+WOLFSSL_VERSION = 5.9.2
 WOLFSSL_SITE = $(call github,wolfSSL,wolfssl,v$(WOLFSSL_VERSION)-stable)
 WOLFSSL_INSTALL_STAGING = YES
 
-- 
2.54.0

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

  reply	other threads:[~2026-06-30 21:27 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-06-30 21:27 [Buildroot] [PATCH 1/2] package/strongswan: fix build w/ wolfssl 5.9.2 Thomas Perale via buildroot
2026-06-30 21:27 ` Thomas Perale via buildroot [this message]
2026-07-04 14:42 ` Julien Olivain via buildroot

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260630212717.604030-2-thomas.perale@mind.be \
    --to=buildroot@buildroot.org \
    --cc=jezz@sysmic.org \
    --cc=sergio.prado@e-labworks.com \
    --cc=thomas.perale@mind.be \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox