projects / openwrt / openwrt.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c5dc0e0) | patch
openssl: bump to 1.1.1u
authorHauke Mehrtens <hauke@hauke-m.de>
Wed, 7 Jun 2023 20:37:47 +0000 (22:37 +0200)
committerJosef Schlehofer <pepe.schlehofer@gmail.com>
Fri, 29 Sep 2023 10:04:21 +0000 (12:04 +0200)
commited68908f580513af795c955ff8d8aac315895b13
tree4e72239549ebbe352a0350e306f571a6d987f496tree | snapshot
parentc5dc0e01df4338d796e3ae427de60a6e3e9acc1ccommit | diff
openssl: bump to 1.1.1u

Major changes between OpenSSL 1.1.1t and OpenSSL 1.1.1u [30 May 2023]

    o Mitigate for very slow `OBJ_obj2txt()` performance with gigantic
      OBJECT IDENTIFIER sub-identities.  (CVE-2023-2650)
    o Fixed documentation of X509_VERIFY_PARAM_add0_policy() (CVE-2023-0466)
    o Fixed handling of invalid certificate policies in leaf certificates
      (CVE-2023-0465)
    o Limited the number of nodes created in a policy tree ([CVE-2023-0464])

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit afb442270211c00282cecf323d568aa88391a32c)
package/libs/openssl/Makefile diff | blob | history
package/libs/openssl/patches/200-x509-excessive-resource-use-verifying-policy-constra.patch [deleted file] blob | history
package/libs/openssl/patches/210-Ensure-that-EXFLAG_INVALID_POLICY-is-checked-even-in.patch [deleted file] blob | history
OpenWrt Source Repository