openssl: upgrade 3.1.0 -> 3.1.1 - openembedded-core

diff options

author	Tim Orling <ticotimo@gmail.com>	2023-05-30 12:20:39 -0700
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2023-06-01 08:04:14 +0100
commit	26ce9a5fd31c27812ce8784a398b600cc0e9aa80 (patch)
tree	3b99d1d0cc23aa71fc71956268ee5f9e17fa5cd6 /meta/conf/documentation.conf
parent	8d17776765a99a4ae327797206ef2a8a735ce87b (diff)
download	openembedded-core-26ce9a5fd31c27812ce8784a398b600cc0e9aa80.tar.gz

openssl: upgrade 3.1.0 -> 3.1.1

* Drop CVE-2023-0464.patch (merged upstream). * Refresh 0001-Configure-do-not-tweak-mips-cflags.patch https://github.com/openssl/openssl/blob/openssl-3.1.1/NEWS.md Major changes between OpenSSL 3.1.0 and OpenSSL 3.1.1 [30 May 2023] * Mitigate for very slow OBJ_obj2txt() performance with gigantic OBJECT IDENTIFIER sub-identities. (CVE-2023-2650) * Fixed buffer overread in AES-XTS decryption on ARM 64 bit platforms (CVE-2023-1255) * Fixed documentation of X509_VERIFY_PARAM_add0_policy() (CVE-2023-0466) * Fixed handling of invalid certificate policies in leaf certificates (CVE-2023-0465) * Limited the number of nodes created in a policy tree (CVE-2023-0464) Security Advisory: https://www.openssl.org/news/secadv/20230530.txt CVE: CVE-2023-2650 CVE: CVE-2023-1255 CVE: CVE-2023-0466 CVE: CVE-2023-0465 CVE: CVE-2023-0464 Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/conf/documentation.conf')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: