From 7b05b691041d894508b22148c872b266d0c2f5ee Mon Sep 17 00:00:00 2001 From: gudni Date: Thu, 17 Jul 2025 13:53:58 +0000 Subject: [PATCH] mbedtls: upgrade 3.6.3.1 -> 3.6.4 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes several security vulnerabilities: CVE-2025-49601, CVE-2025-49600, CVE-2025-52496, CVE-2025-47917, CVE-2025-48965, CVE-2025-52497, and CVE-2025-49087 The framework directory has been changed into a git submodule.[1][2] The recipe now uses Git Submodule Fetcher (gitsm) Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.6.4 [1] https://github.com/Mbed-TLS/mbedtls/commit/8cf5666a174237998a7965e284d7ba8c1655d16d [2] https://github.com/Mbed-TLS/mbedtls/commit/c90c6d8ff787ab8787d9373b0e662a95ed1f4dae Signed-off-by: Guðni Már Gilbert Signed-off-by: Khem Raj Signed-off-by: Armin Kuster --- .../mbedtls/{mbedtls_3.6.3.1.bb => mbedtls_3.6.4.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta-networking/recipes-connectivity/mbedtls/{mbedtls_3.6.3.1.bb => mbedtls_3.6.4.bb} (95%) diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls_3.6.3.1.bb b/meta-networking/recipes-connectivity/mbedtls/mbedtls_3.6.4.bb similarity index 95% rename from meta-networking/recipes-connectivity/mbedtls/mbedtls_3.6.3.1.bb rename to meta-networking/recipes-connectivity/mbedtls/mbedtls_3.6.4.bb index 1e99f92306..0905c14aa7 100644 --- a/meta-networking/recipes-connectivity/mbedtls/mbedtls_3.6.3.1.bb +++ b/meta-networking/recipes-connectivity/mbedtls/mbedtls_3.6.4.bb @@ -23,11 +23,11 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=379d5819937a6c2f1ef1630d341e026d" SECTION = "libs" S = "${WORKDIR}/git" -SRC_URI = "git://github.com/Mbed-TLS/mbedtls.git;protocol=https;branch=main;tag=v${PV} \ +SRC_URI = "gitsm://github.com/Mbed-TLS/mbedtls.git;protocol=https;branch=mbedtls-3.6;tag=v${PV} \ file://run-ptest \ " -SRCREV = "6fb5120fde4ab889bea402f5ab230c720b0a3b9a" +SRCREV = "c765c831e5c2a0971410692f92f7a81d6ec65ec2" UPSTREAM_CHECK_GITTAGREGEX = "v(?P\d+(\.\d+)+)"