diff options
author | 2023-05-30 12:20:39 -0700 | |
---|---|---|
committer | 2023-06-01 08:04:14 +0100 | |
commit | 26ce9a5fd31c27812ce8784a398b600cc0e9aa80 (patch) | |
tree | 3b99d1d0cc23aa71fc71956268ee5f9e17fa5cd6 /meta/conf/documentation.conf | |
parent | 8d17776765a99a4ae327797206ef2a8a735ce87b (diff) | |
download | openembedded-core-26ce9a5fd31c27812ce8784a398b600cc0e9aa80.tar.gz |
openssl: upgrade 3.1.0 -> 3.1.1
* Drop CVE-2023-0464.patch (merged upstream).
* Refresh 0001-Configure-do-not-tweak-mips-cflags.patch
https://github.com/openssl/openssl/blob/openssl-3.1.1/NEWS.md
Major changes between OpenSSL 3.1.0 and OpenSSL 3.1.1 [30 May 2023]
* Mitigate for very slow OBJ_obj2txt() performance with gigantic OBJECT IDENTIFIER sub-identities. (CVE-2023-2650)
* Fixed buffer overread in AES-XTS decryption on ARM 64 bit platforms (CVE-2023-1255)
* Fixed documentation of X509_VERIFY_PARAM_add0_policy() (CVE-2023-0466)
* Fixed handling of invalid certificate policies in leaf certificates (CVE-2023-0465)
* Limited the number of nodes created in a policy tree (CVE-2023-0464)
Security Advisory:
https://www.openssl.org/news/secadv/20230530.txt
CVE: CVE-2023-2650
CVE: CVE-2023-1255
CVE: CVE-2023-0466
CVE: CVE-2023-0465
CVE: CVE-2023-0464
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/conf/documentation.conf')
0 files changed, 0 insertions, 0 deletions