mirror of
https://github.com/openwrt/openwrt.git
synced 2025-01-29 15:44:04 +00:00
e1d59497e9
CVE-2023-2650 fix Remove upstreamed patches Major changes between OpenSSL 3.0.8 and OpenSSL 3.0.9 [30 May 2023] * Mitigate for very slow OBJ_obj2txt() performance with gigantic OBJECT IDENTIFIER sub-identities. (CVE-2023-2650) * Fixed buffer overread in AES-XTS decryption on ARM 64 bit platforms (CVE-2023-1255) * Fixed documentation of X509_VERIFY_PARAM_add0_policy() (CVE-2023-0466) * Fixed handling of invalid certificate policies in leaf certificates (CVE-2023-0465) * Limited the number of nodes created in a policy tree (CVE-2023-0464) Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com> (cherry picked from commit 6348850f10545aac70db94d3a9555a4f2eb84281)