diff options
| author | Ivan Pavlov <AuthorReflex@gmail.com> | 2023-06-04 22:34:39 +0300 |
|---|---|---|
| committer | Hauke Mehrtens <hauke@hauke-m.de> | 2023-06-09 13:36:21 +0200 |
| commit | e1d59497e9d0104388a58ceda770afcc087a6c37 (patch) | |
| tree | e04edbc99f3f6efc8dddebc2ec40f9f88730b741 /target | |
| parent | c78ba8a69562fed73a409000a3d541ea7fa2a821 (diff) | |
| download | upstream-e1d59497e9d0104388a58ceda770afcc087a6c37.tar.gz upstream-e1d59497e9d0104388a58ceda770afcc087a6c37.tar.bz2 upstream-e1d59497e9d0104388a58ceda770afcc087a6c37.zip | |
openssl: update to 3.0.9
CVE-2023-2650 fix
Remove upstreamed patches
Major changes between OpenSSL 3.0.8 and OpenSSL 3.0.9 [30 May 2023]
* Mitigate for very slow OBJ_obj2txt() performance with gigantic OBJECT IDENTIFIER sub-identities. (CVE-2023-2650)
* Fixed buffer overread in AES-XTS decryption on ARM 64 bit platforms (CVE-2023-1255)
* Fixed documentation of X509_VERIFY_PARAM_add0_policy() (CVE-2023-0466)
* Fixed handling of invalid certificate policies in leaf certificates (CVE-2023-0465)
* Limited the number of nodes created in a policy tree (CVE-2023-0464)
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
(cherry picked from commit 6348850f10545aac70db94d3a9555a4f2eb84281)
Diffstat (limited to 'target')
0 files changed, 0 insertions, 0 deletions