From f51fe152e802aacb913c8b447fb56d4a8b01c643 Mon Sep 17 00:00:00 2001
From: Beniamin Sandu <beniaminsandu@gmail.com>
Date: Mon, 5 Feb 2024 22:40:43 +0000
Subject: [PATCH] mbedtls: upgrade 2.28.4 -> 2.28.7

Includes security fixes for:
CVE-2023-43615 - Buffer overread in TLS stream cipher suites
CVE-2024-23170 - Timing side channel in private key RSA operations
CVE-2024-23775 - Buffer overflow in mbedtls_x509_set_extension()

Other changes:
https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-2.28.5

License updated to dual Apache-2.0 OR GPL-2.0-or-later.

Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
 .../mbedtls/{mbedtls_2.28.4.bb => mbedtls_2.28.7.bb}        | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
 rename meta-networking/recipes-connectivity/mbedtls/{mbedtls_2.28.4.bb => mbedtls_2.28.7.bb} (95%)

diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.4.bb b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.7.bb
similarity index 95%
rename from meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.4.bb
rename to meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.7.bb
index 80ec8a5af5..9a6487ccd9 100644
--- a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.4.bb
+++ b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.7.bb
@@ -17,13 +17,13 @@ understand what the code does. It features:                          \
 
 HOMEPAGE = "https://tls.mbed.org/"
 
-LICENSE = "Apache-2.0"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
+LICENSE = "Apache-2.0 | GPL-2.0-or-later"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=379d5819937a6c2f1ef1630d341e026d"
 
 SECTION = "libs"
 
 S = "${WORKDIR}/git"
-SRCREV = "aeb97a18913a86f051afab11b2c92c6be0c2eb83"
+SRCREV = "555f84735aecdbd76a566cf087ec8425dfb0c8ab"
 SRC_URI = "git://github.com/ARMmbed/mbedtls.git;protocol=https;branch=mbedtls-2.28 \
            file://run-ptest \
           "