diff --git a/ChangeLog b/ChangeLog
index 2e2e9f855..342017718 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -33,6 +33,10 @@ Security
      unless you allow third parties to pick trust CAs for client auth.
      Found by Guido Vranken, Intelworks.
 
+Bugfix
+   * Fix compile error in net.c with musl libc. Found and patch provided by
+     zhasha (#278).
+
 Changes
    * Added checking of hostname length in mbedtls_ssl_set_hostname() to ensure
      domain names are compliant with RFC 1035.
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 6e9d8f3df..68153efdc 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -1246,6 +1246,8 @@
  * If set, the X509 parser will not break-off when parsing an X509 certificate
  * and encountering an unknown critical extension.
  *
+ * \warning Depending on your PKI use, enabling this can be a security risk!
+ *
  * Uncomment to prevent an error.
  */
 //#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
diff --git a/library/net.c b/library/net.c
index b5d06888b..a77268c55 100644
--- a/library/net.c
+++ b/library/net.c
@@ -292,7 +292,7 @@ int mbedtls_net_accept( mbedtls_net_context *bind_ctx,
     struct sockaddr_storage client_addr;
 
 #if defined(__socklen_t_defined) || defined(_SOCKLEN_T) ||  \
-    defined(_SOCKLEN_T_DECLARED)
+    defined(_SOCKLEN_T_DECLARED) || defined(__DEFINED_socklen_t)
     socklen_t n = (socklen_t) sizeof( client_addr );
     socklen_t type_len = (socklen_t) sizeof( type );
 #else
diff --git a/yotta/data/module.json b/yotta/data/module.json
index 9a9e8a164..843667544 100644
--- a/yotta/data/module.json
+++ b/yotta/data/module.json
@@ -10,9 +10,9 @@
     ],
     "dependencies": {},
     "targetDependencies": {
-        "mbed": { "cmsis-core": "~0.2.3" }
+        "mbed": { "cmsis-core": "~0.3.0" }
     },
     "testTargetDependencies": {
-        "mbed": { "sockets": "~0.4.0" }
+        "mbed": { "sockets": "~0.5.0" }
     }
 }