| #
44096ebd |
|
26-Jun-2024 |
Enji Cooper <ngie@FreeBSD.org> |
Update to OpenSSL 3.0.14
This release resolves 3 upstream found CVEs:
- Fixed potential use after free after SSL_free_buffers() is called (CVE-2024-4741)
- Fixed an issue where checking excessively long DSA keys or parameters may be very slow (CVE-2024-4603)
- Fixed unbounded memory growth with session handling in TLSv1.3 (CVE-2024-2511)
MFC after: 3 days
Merge commit '1070e7dca8223387baf5155524b28f62bfe7da3c'
|
| #
e0c4386e |
|
02-Feb-2024 |
Cy Schubert <cy@FreeBSD.org> |
OpenSSL: Vendor import of OpenSSL 3.0.13
* Fixed PKCS12 Decoding crashes ([CVE-2024-0727])
* Fixed Excessive time spent checking invalid RSA public keys
([CVE-2023-6237])
* Fixed POLY1305 MAC implementation corrupting vector registers on
PowerPC CPUs which support PowerISA 2.07 ([CVE-2023-6129])
* Fix excessive time spent in DH check / generation with large Q
parameter value ([CVE-2023-5678])
Release notes can be found at
https://www.openssl.org/news/openssl-3.0-notes.html.
Approved by: emaste
MFC after: 3 days
Merge commit '9dd13e84fa8eca8f3462bd55485aa3da8c37f54a'
|
| #
e0c4386e |
|
02-Feb-2024 |
Cy Schubert <cy@FreeBSD.org> |
OpenSSL: Vendor import of OpenSSL 3.0.13
* Fixed PKCS12 Decoding crashes ([CVE-2024-0727])
* Fixed Excessive time spent checking invalid RSA public keys
([CVE-2023-6237])
* Fixed POLY1305 MAC implementation corrupting vector registers on
PowerPC CPUs which support PowerISA 2.07 ([CVE-2023-6129])
* Fix excessive time spent in DH check / generation with large Q
parameter value ([CVE-2023-5678])
Release notes can be found at
https://www.openssl.org/news/openssl-3.0-notes.html.
Approved by: emaste
MFC after: 3 days
Merge commit '9dd13e84fa8eca8f3462bd55485aa3da8c37f54a'
|