This is an updated release of Azure RTOS NetX Duo that includes multiple bug fixes and improvements:
WRECK issue has been identified as a potential Denial of Service vulnerability. It was discovered and fixed in NetX prior to the publication of the NAME:WRECK report. Microsoft's position is that this is not a critical vulnerability as it does not appear to lead to remote code execution (RCE) or serious data breach but if you are concerned about the issue, we recommend upgrading your NetX to version 6.1.3 or later.
In this release, the following features are added:
- Port files for cortex_m23, cortex_m33, and Renesas RXv2
- Added Precision Time Protocol (PTP) support in addons/ptp
The following files are modified:
- common/inc/nx_api.h - Updated product constants.
- common/src/nx_utility.c - Added function to convert string to number.
- common/src/nx_ipv6_process_hop_by_hop_option.c - Improved buffer read overflow check.
- common/src/nx_utility.c - Added function to convert string to number.
- addons/dhcp/nx_dhcp_server.c - Fixed obsolescent functions
- addons/dns/nx_dns.c - Added resource name length as an input argument, added logic to prevent infinite loop in name compression.
- addons/mdns/nxd_mdns.c - Added logic to prevent infinite loop in name compression
- nx_secure/src/nx_secure_dtls_client_handshake.c - Added null pointer checking,
The following files are changed to improve packet length verification:
- addons/ftp/nx_ftp_server.c
- addons/pppoe/nx_pppoe_client.c
- addons/mdns/nxd_mdns.c
- nx_secure/src/nx_secure_dtls_client_handshake.c
- nx_secure/src/nx_secure_dtls_process_clienthello.c
- nx_secure/src/nx_secure_dtls_process_handshake_header.c
- nx_secure/src/nx_secure_dtls_process_record.c
- nx_secure/src/nx_secure_dtls_server_handshake.c
- nx_secure/src/nx_secure_tls_1_3_client_handshake.c
- nx_secure/src/nx_secure_tls_1_3_server_handshake.c
- nx_secure/src/nx_secure_tls_client_handshake.c
- nx_secure/src/nx_secure_tls_process_handshake_header.c
- nx_secure/src/nx_secure_tls_server_handshake.c