wolfssl - Debian Package Tracker

general

source: wolfssl (main)
version: 5.7.2-0.1
maintainer: Jacob Barthelmeh (DMD)
arch: any
std-ver: 4.6.1
VCS: unknown

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 4.6.0+p1-0+deb11u2
old-bpo: 5.5.4-2~bpo11+1
stable: 5.5.4-2+deb12u1
testing: 5.7.2-0.1
unstable: 5.7.2-0.1

versioned links

4.6.0+p1-0+deb11u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.5.4-2~bpo11+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.5.4-2+deb12u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.7.2-0.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libwolfssl-dev
libwolfssl42t64

action needed

A new upstream version is available: 5.8.0 high

A new upstream version 5.8.0 is available, you should consider packaging it.

Created: 2024-10-25 Last update: 2025-06-19 04:33

lintian reports 1 error high

Lintian reports 1 error about this package. You should make the package lintian clean getting rid of them.

Created: 2024-09-24 Last update: 2024-09-24 00:02

10 low-priority security issues in bookworm low

There are 10 open security issues in bookworm.

10 issues left for the package maintainer to handle:

CVE-2023-6936: (needs triaging) In wolfSSL prior to 5.6.6, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then a malicious TLS client or network attacker can trigger a buffer over-read on the heap of 5 bytes (WOLFSSL_CALLBACKS is only intended for debugging).
CVE-2023-6937: (needs triaging) wolfSSL prior to 5.6.6 did not check that messages in one (D)TLS record do not span key boundaries. As a result, it was possible to combine (D)TLS messages using different keys into one (D)TLS record. The most extreme edge case is that, in (D)TLS 1.3, it was possible that an unencrypted (D)TLS 1.3 record from the server containing first a ServerHello message and then the rest of the first server flight would be accepted by a wolfSSL client. In (D)TLS 1.3 the handshake is encrypted after the ServerHello but a wolfSSL client would accept an unencrypted flight from the server. This does not compromise key negotiation and authentication so it is assigned a low severity rating.
CVE-2024-0901: (needs triaging) Remotely executed SEGV and out of bounds read allows malicious packet sender to crash or cause an out of bounds read via sending a malformed packet with the correct length.
CVE-2024-1543: (needs triaging) The side-channel protected T-Table implementation in wolfSSL up to version 5.6.5 protects against a side-channel attacker with cache-line resolution. In a controlled environment such as Intel SGX, an attacker can gain a per instruction sub-cache-line resolution allowing them to break the cache-line-level protection. For details on the attack refer to: https://doi.org/10.46586/tches.v2024.i1.457-500
CVE-2024-1544: (needs triaging) Generating the ECDSA nonce k samples a random number r and then truncates this randomness with a modular reduction mod n where n is the order of the elliptic curve. Meaning k = r mod n. The division used during the reduction estimates a factor q_e by dividing the upper two digits (a digit having e.g. a size of 8 byte) of r by the upper digit of n and then decrements q_e in a loop until it has the correct size. Observing the number of times q_e is decremented through a control-flow revealing side-channel reveals a bias in the most significant bits of k. Depending on the curve this is either a negligible bias or a significant bias large enough to reconstruct k with lattice reduction methods. For SECP160R1, e.g., we find a bias of 15 bits.
CVE-2024-1545: (needs triaging) Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the RsaKey structure.
CVE-2024-2881: (needs triaging) Fault Injection vulnerability in wc_ed25519_sign_msg function in wolfssl/wolfcrypt/src/ed25519.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the ed25519_key structure.
CVE-2024-5288: (needs triaging) An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT+PROBE, leads to ECDSA key disclosure. When WOLFSSL_CHECK_SIG_FAULTS is used in signing operations with private ECC keys, such as in server-side TLS connections, the connection is halted if any fault occurs. The success rate in a certain amount of connection requests can be processed via an advanced technique for ECDSA key recovery.
CVE-2024-5814: (needs triaging) A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection. This is because, aside from the extensions, the client was skipping fully parsing the server hello. https://doi.org/10.46586/tches.v2024.i1.457-500
CVE-2024-5991: (needs triaging) In function MatchDomainName(), input param str is treated as a NULL terminated string despite being user provided and unchecked. Specifically, the function X509_check_host() takes in a pointer and length to check against, with no requirements that it be NULL terminated. If a caller was attempting to do a name check on a non-NULL terminated buffer, the code would read beyond the bounds of the input array until it found a NULL terminator.This issue affects wolfSSL: through 5.7.0.

You can find information about how to handle these issues in the security team's documentation.

Created: 2023-12-23 Last update: 2025-02-27 05:02

debian/patches: 2 patches to forward upstream low

Among the 6 debian patches available in version 5.7.2-0.1 of the package, we noticed the following issues:

2 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-02-26 Last update: 2024-09-23 18:35

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.2 instead of 4.6.1).

Created: 2022-12-17 Last update: 2025-02-27 13:25

news

[rss feed]

[2024-09-25] wolfssl 5.7.2-0.1 MIGRATED to testing (Debian testing watch)
[2024-09-23] Accepted wolfssl 5.7.2-0.1 (source) into unstable (Bastian Germann) (signed by: bage@debian.org)
[2024-05-05] wolfssl 5.7.0-0.3 MIGRATED to testing (Debian testing watch)
[2024-05-03] Accepted wolfssl 5.7.0-0.3 (source) into unstable (Bastian Germann) (signed by: bage@debian.org)
[2024-05-02] Accepted wolfssl 5.7.0-0.2 (source) into experimental (Bastian Germann) (signed by: bage@debian.org)
[2024-04-26] wolfssl 5.6.6-1.3 MIGRATED to testing (Debian testing watch)
[2024-04-08] Accepted wolfssl 5.7.0-0.1 (source) into experimental (Bastian Germann) (signed by: bage@debian.org)
[2024-02-29] Accepted wolfssl 5.6.6-1.3 (source) into unstable (Steve Langasek)
[2024-02-04] Accepted wolfssl 5.6.6-1.3~exp1 (source) into experimental (Steve Langasek)
[2024-01-15] Accepted wolfssl 5.5.4-2+deb12u1 (source) into proposed-updates (Debian FTP Masters) (signed by: bage@debian.org)
[2023-12-30] wolfssl 5.6.6-1.2 MIGRATED to testing (Debian testing watch)
[2023-12-27] Accepted wolfssl 5.6.6-1.2 (source) into unstable (Bastian Germann) (signed by: bage@debian.org)
[2023-12-26] Accepted wolfssl 4.6.0+p1-0+deb11u2 (source) into oldstable-proposed-updates (Debian FTP Masters) (signed by: bage@debian.org)
[2023-12-23] Accepted wolfssl 5.6.6-1.1 (source) into experimental (Bastian Germann) (signed by: bage@debian.org)
[2023-12-22] Accepted wolfssl 5.6.6-1 (source i386) into experimental (Debian FTP Masters) (signed by: bage@debian.org)
[2023-11-15] wolfssl 5.6.4-2 MIGRATED to testing (Debian testing watch)
[2023-11-13] Accepted wolfssl 5.6.4-2 (source) into unstable (Jacob Barthelmeh) (signed by: bage@debian.org)
[2023-11-05] Accepted wolfssl 5.6.4-1 (source amd64) into experimental (Debian FTP Masters) (signed by: bage@debian.org)
[2023-11-01] Accepted wolfssl 5.5.4-2~bpo11+1 (source) into bullseye-backports (Debian FTP Masters) (signed by: bage@debian.org)
[2023-10-26] wolfssl 5.5.4-2.1 MIGRATED to testing (Debian testing watch)
[2023-10-23] Accepted wolfssl 5.5.4-2.1 (source) into unstable (Bastian Germann) (signed by: bage@debian.org)
[2023-02-09] wolfssl 5.5.4-2 MIGRATED to testing (Debian testing watch)
[2023-02-06] Accepted wolfssl 5.5.4-2 (source) into unstable (Felix Lechner)
[2022-12-30] wolfssl 5.5.4-1 MIGRATED to testing (Debian testing watch)
[2022-12-27] Accepted wolfssl 5.5.4-1 (source) into unstable (Felix Lechner)
[2022-11-19] Accepted wolfssl 5.5.3-3~bpo11+1 (source amd64) into bullseye-backports (Debian FTP Masters) (signed by: Felix Lechner)
[2022-11-14] wolfssl 5.5.3-3 MIGRATED to testing (Debian testing watch)
[2022-11-11] Accepted wolfssl 5.5.3-3 (source) into unstable (Felix Lechner)
[2022-11-10] Accepted wolfssl 5.5.3-2 (source) into unstable (Felix Lechner)
[2022-11-10] Accepted wolfssl 5.5.3-1 (source amd64) into unstable (Debian FTP Masters) (signed by: Felix Lechner)

bugs [bug history graph]

all: 0

links

homepage
lintian (1, 0)
buildd: logs, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
debian patches
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 5.7.2-0.1