From f624e41f38e82e3b2df83e309e7bb00b68ad0091 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20=C5=A0tetiar?= <ynezz@true.cz>
Date: Mon, 3 Oct 2022 19:03:15 +0200
Subject: [PATCH] treewide: fix security issues by bumping all packages using
 libwolfssl
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

As wolfSSL is having hard time maintaining ABI compatibility between
releases, we need to manually force rebuild of packages depending on
libwolfssl and thus force their upgrade. Otherwise due to the ABI
handling we would endup with possibly two libwolfssl libraries in the
system, including the patched libwolfssl-5.5.1, but still have
vulnerable services running using the vulnerable libwolfssl-5.4.0.

So in order to propagate update of libwolfssl to latest stable release
done in commit ec8fb542ec3e4 ("wolfssl: fix TLSv1.3 RCE in uhttpd by
using 5.5.1-stable (CVE-2022-39173)") which fixes several remotely
exploitable vulnerabilities, we need to bump PKG_RELEASE of all packages
using wolfSSL library.

Same bump has been done in buildroot in commit f1b7e1434f66 ("treewide:
fix security issues by bumping all packages using libwolfssl").

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 845d81ca0976c82829addc23e9e8b95885c910ee)
---
 libs/libuhttpd/Makefile   | 2 +-
 libs/libuwsc/Makefile     | 2 +-
 net/coova-chilli/Makefile | 2 +-
 net/curl/Makefile         | 2 +-
 net/lighttpd/Makefile     | 2 +-
 net/openvpn/Makefile      | 2 +-
 net/strongswan/Makefile   | 2 +-
 net/wifidog/Makefile      | 2 +-
 utils/rtty/Makefile       | 2 +-
 9 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/libs/libuhttpd/Makefile b/libs/libuhttpd/Makefile
index d4d48eb49..85cdcabb1 100644
--- a/libs/libuhttpd/Makefile
+++ b/libs/libuhttpd/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libuhttpd
 PKG_VERSION:=3.12.1
-PKG_RELEASE:=3
+PKG_RELEASE:=4
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL=https://github.com/zhaojh329/libuhttpd/releases/download/v$(PKG_VERSION)
diff --git a/libs/libuwsc/Makefile b/libs/libuwsc/Makefile
index 41f7609f0..0f861ea2b 100644
--- a/libs/libuwsc/Makefile
+++ b/libs/libuwsc/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libuwsc
 PKG_VERSION:=3.3.5
-PKG_RELEASE:=$(AUTORELEASE)
+PKG_RELEASE:=$(AUTORELEASE).1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL=https://github.com/zhaojh329/libuwsc/releases/download/v$(PKG_VERSION)
diff --git a/net/coova-chilli/Makefile b/net/coova-chilli/Makefile
index ece113869..88b98ab44 100644
--- a/net/coova-chilli/Makefile
+++ b/net/coova-chilli/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=coova-chilli
 PKG_VERSION:=1.6
-PKG_RELEASE:=$(AUTORELEASE)
+PKG_RELEASE:=$(AUTORELEASE).1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/coova/coova-chilli/tar.gz/$(PKG_VERSION)?
diff --git a/net/curl/Makefile b/net/curl/Makefile
index 53916b044..6d0c48484 100644
--- a/net/curl/Makefile
+++ b/net/curl/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=curl
 PKG_VERSION:=7.85.0
-PKG_RELEASE:=$(AUTORELEASE)
+PKG_RELEASE:=$(AUTORELEASE).1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=https://github.com/curl/curl/releases/download/curl-$(subst .,_,$(PKG_VERSION))/ \
diff --git a/net/lighttpd/Makefile b/net/lighttpd/Makefile
index dab11f17f..c4cb274b9 100644
--- a/net/lighttpd/Makefile
+++ b/net/lighttpd/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=lighttpd
 PKG_VERSION:=1.4.67
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 # release candidate ~rcX testing; remove for release
 #PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-1.4.67
 
diff --git a/net/openvpn/Makefile b/net/openvpn/Makefile
index 86c7e88f5..489145327 100644
--- a/net/openvpn/Makefile
+++ b/net/openvpn/Makefile
@@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=openvpn
 
 PKG_VERSION:=2.5.7
-PKG_RELEASE:=2
+PKG_RELEASE:=3
 
 PKG_SOURCE_URL:=\
 	https://build.openvpn.net/downloads/releases/ \
diff --git a/net/strongswan/Makefile b/net/strongswan/Makefile
index 1f9101f88..8863a928c 100644
--- a/net/strongswan/Makefile
+++ b/net/strongswan/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=strongswan
 PKG_VERSION:=5.9.5
-PKG_RELEASE:=$(AUTORELEASE)
+PKG_RELEASE:=$(AUTORELEASE).1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:=https://download.strongswan.org/ https://download2.strongswan.org/
diff --git a/net/wifidog/Makefile b/net/wifidog/Makefile
index 900d8a648..28af32498 100644
--- a/net/wifidog/Makefile
+++ b/net/wifidog/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=wifidog
 PKG_VERSION:=1.3.0
-PKG_RELEASE:=7
+PKG_RELEASE:=8
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://github.com/wifidog/wifidog-gateway
diff --git a/utils/rtty/Makefile b/utils/rtty/Makefile
index 0b995eb42..856af6c73 100644
--- a/utils/rtty/Makefile
+++ b/utils/rtty/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=rtty
 PKG_VERSION:=8.0.1
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL=https://github.com/zhaojh329/rtty/releases/download/v$(PKG_VERSION)