From 7e14e7f5bd8d187262b67dbdde370a8540bdde98 Mon Sep 17 00:00:00 2001
From: "harshal.patil"
Date: Wed, 20 Sep 2023 10:39:58 +0530
Subject: [PATCH] feat(bootloader): Update micro-ecc version to v1.1

This fix ensures that https://nvd.nist.gov/vuln/detail/CVE-2020-27209 is not reported by the ESP-IDF SBOM tool. Please note that, this CVE was anyways not applicable for ESP32 platform, as the bootloader (user of micro-ecc library) do not perform signing on the device, its only verification that happens in secure-boot-v1 case.
---
 .gitmodules | 4 ++--
 .../bootloader/subproject/components/micro-ecc/micro-ecc | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.gitmodules b/.gitmodules
index ee027c06db..92e20e6312 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -34,12 +34,12 @@
 [submodule "components/bootloader/subproject/components/micro-ecc/micro-ecc"]
 path = components/bootloader/subproject/components/micro-ecc/micro-ecc
 url = ../../kmackay/micro-ecc.git
- sbom-version = 1.0
+ sbom-version = 1.1
 sbom-cpe = cpe:2.3:a:micro-ecc_project:micro-ecc:{}:*:*:*:*:*:*:*
 sbom-supplier = Person: Ken MacKay
 sbom-url = https://github.com/kmackay/micro-ecc
 sbom-description = A small and fast ECDH and ECDSA implementation for 8-bit, 32-bit, and 64-bit processors
- sbom-hash = d037ec89546fad14b5c4d5456c2e23a71e554966
+ sbom-hash = 24c60e243580c7868f4334a1ba3123481fe1aa48
 
 [submodule "components/coap/libcoap"]
 path = components/coap/libcoap
diff --git a/components/bootloader/subproject/components/micro-ecc/micro-ecc b/components/bootloader/subproject/components/micro-ecc/micro-ecc
index d037ec8954..24c60e2435 160000
--- a/components/bootloader/subproject/components/micro-ecc/micro-ecc
+++ b/components/bootloader/subproject/components/micro-ecc/micro-ecc
@@ -1 +1 @@
-Subproject commit d037ec89546fad14b5c4d5456c2e23a71e554966
+Subproject commit 24c60e243580c7868f4334a1ba3123481fe1aa48