openssl: Upgrade 3.0.8 -> 3.0.9 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Peter Marko <peter.marko@siemens.com>	2023-05-31 20:45:54 +0200
committer	Steve Sakoman <steve@sakoman.com>	2023-06-14 04:16:59 -1000
commit	fb53a9ec2b77d9cc5291a74c8e6edd4021833737 (patch)
tree	1bd0028196a22845793b72d439f3b9e09f2b0a81 /meta/recipes-devtools/python/python3-requests_2.27.1.bb
parent	875400f96f1e3d9f240cd02a781c79efa4d2233f (diff)
download	poky-fb53a9ec2b77d9cc5291a74c8e6edd4021833737.tar.gz

openssl: Upgrade 3.0.8 -> 3.0.9

* fix CVEs CVE-2023-1255 and CVE-2023-2650 * drop CVE patches merged upstream * refresh 0001-Configure-do-not-tweak-mips-cflags.patch https://www.openssl.org/news/openssl-3.0-notes.html Major changes between OpenSSL 3.0.8 and OpenSSL 3.0.9 [30 May 2023] * Mitigate for very slow `OBJ_obj2txt()` performance with gigantic OBJECT IDENTIFIER sub-identities. ([CVE-2023-2650]) * Fixed buffer overread in AES-XTS decryption on ARM 64 bit platforms ([CVE-2023-1255]) * Fixed documentation of X509_VERIFY_PARAM_add0_policy() ([CVE-2023-0466]) * Fixed handling of invalid certificate policies in leaf certificates ([CVE-2023-0465]) * Limited the number of nodes created in a policy tree ([CVE-2023-0464]) (From OE-Core rev: 5140fdf3417c7553d3b035d7eafacda139936494) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'meta/recipes-devtools/python/python3-requests_2.27.1.bb')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: