ExternalVendorCode/openwrt
1
0
Fork 0
mirror of https://github.com/openwrt/openwrt.git synced 2024-12-28 09:39:00 +00:00
Code Issues Actions 10 Packages Projects Releases Wiki Activity
4aabbd6746
openwrt/package/libs/openssl
History
John Audia 4aabbd6746 openssl: update to 3.0.14 
Major changes between OpenSSL 3.0.13 and OpenSSL 3.0.14 [04-Jun-2024]

* Fixed potential use after free after SSL_free_buffers() is called.
  [CVE-2024-4741]
* Fixed checking excessively long DSA keys or parameters may be very slow.
  [CVE-2024-4603]
* Fixed an issue where some non-default TLS server configurations can cause
  unbounded memory growth when processing TLSv1.3 sessions. An attacker may
  exploit certain server configurations to trigger unbounded memory growth that
  would lead to a Denial of Service.  [CVE-2024-2511]
* New atexit configuration switch, which controls whether the OPENSSL_cleanup
  is registered when libcrypto is unloaded. This can be used on platforms
  where using atexit() from shared libraries causes crashes on exit

Signed-off-by: John Audia <therealgraysky@proton.me>

Build system: x86/64
Build-tested: x86/64/AMD Cezanne

(cherry picked from commit bac2f1bed6)
Link: https://github.com/openwrt/openwrt/pull/15873
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2024-07-06 18:29:23 +02:00
..
files openssl: add legacy provider 2023-04-05 08:24:49 -03:00
patches openssl: update to 3.0.13 2024-02-04 19:18:17 +01:00
Config.in openssl: add legacy provider 2023-04-05 08:24:49 -03:00
Makefile openssl: update to 3.0.14 2024-07-06 18:29:23 +02:00