similarity index 95%
rename from meta-oe/recipes-crypto/leancrypto/leancrypto_1.7.0.bb
rename to meta-oe/recipes-crypto/leancrypto/leancrypto_1.7.1.bb
@@ -14,11 +14,12 @@ SECTION = "libs"
SRC_URI = "git://github.com/smuellerDD/leancrypto.git;branch=master;protocol=https;tag=v${PV} \
file://leancrypto-tests.sh \
"
-# SRCREV tagged v1.7.0
-SRCREV = "e60fba94e8cabf1661a1da488b78b84a4fba56e9"
+SRCREV = "e7fa8c87a46c5787174c18fac385aa08eecdedd1"
inherit pkgconfig meson
+CVE_STATUS[CVE-2026-34610] = "fixed-version: fixed since v1.7.1"
+
EXTRA_OEMESON = "-Dstrip=false"
TARGET_LDFLAGS:append = " ${DEBUG_PREFIX_MAP}"
Contains fix for CVE-2026-34610 (which is however tracked without a version by NVD, so it is marked as patched explicitly) Changelog: - Offer a means to select the AES-C constant time / S-Box implementation via lc_init API - use the AES-C constant time implementation by default - it is about 3 times slower than the AES-C S-Box implementation, but more secure. As the leancrypto library is about secure by default, the CT implementation is just right. Furthermore, if a caller wants to have the faster AES-C S-Box, he can call lc_init(LC_INIT_AES_SBOX) at the beginning. - X.509: fix security issue (CVE-2026-34610) Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> --- .../leancrypto/{leancrypto_1.7.0.bb => leancrypto_1.7.1.bb} | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) rename meta-oe/recipes-crypto/leancrypto/{leancrypto_1.7.0.bb => leancrypto_1.7.1.bb} (95%)