Bug 255084 - security/mbedtls: Update to >= 2.25
Summary: security/mbedtls: Update to >= 2.25
Status: Open
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Tijl Coosemans
URL:
Keywords: needs-patch
Depends on:
Blocks:
 
Reported: 2021-04-15 09:21 UTC by Tobias Kortkamp
Modified: 2021-05-01 03:36 UTC (History)
2 users (show)

See Also:
bugzilla: maintainer-feedback? (tijl)


Attachments
mbedtls-2.26.0.patch (34.07 KB, patch)
2021-05-01 03:36 UTC, takefu
takefu: maintainer-approval+
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Tobias Kortkamp freebsd_committer 2021-04-15 09:21:23 UTC
Hi,

this is more of a request and is not very important. I don't have time to submit
a patch. Can you update mbedtls to a newer version? FWICT, security/uacme
needs at least 2.25.

Thanks.
Comment 1 daniel.engberg.lists 2021-04-15 15:25:17 UTC
Not a fix for the version bump but perhaps it's worth deprecating support as mbedtls doesn't support TLS 1.3 in uacme?
https://github.com/ARMmbed/mbedtls/issues/508 and the linked issues
Comment 2 Tobias Kortkamp freebsd_committer 2021-04-17 07:39:36 UTC
(In reply to daniel.engberg.lists from comment #1)
Sorry, it's a little unclear to me what specifically you want to
deprecate?
Comment 3 daniel.engberg.lists 2021-04-17 16:48:44 UTC
Remove support for mbedtls in uacme altogether as we can probably assume that we'll never see TLS 1.3 support within a reasonable amount of time.
Comment 4 Tijl Coosemans freebsd_committer 2021-04-18 12:00:39 UTC
2.16 is the latest stable branch.  All newer releases are essentially snapshots of the development branch.  The next stable branch is expected mid 2021.  I'd like to wait until then.
Comment 5 takefu 2021-05-01 03:36:35 UTC
Created attachment 224585 [details]
mbedtls-2.26.0.patch

Update to 2.26.0