mirror/openwrt
1
0
Fork 1
mirror of https://git.openwrt.org/openwrt/openwrt.git synced 2026-03-14 23:09:45 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
openwrt/package/libs/openssl
History
Martin Schiller 9237dea49e openssl: update to version 3.0.19 
OpenSSL 3.0.19 is a security patch release. The most severe CVE fixed
in this release is High.

This release incorporates the following bug fixes and mitigations:

 * Fixed Stack buffer overflow in CMS AuthEnvelopedData parsing.
   (CVE-2025-15467)

 * Fixed Heap out-of-bounds write in BIO_f_linebuffer on short writes.
   (CVE-2025-68160)

 * Fixed Unauthenticated/unencrypted trailing bytes with low-level OCB
   function calls. (CVE-2025-69418)

 * Fixed Out of bounds write in PKCS12_get_friendlyname() UTF-8
   conversion. (CVE-2025-69419)

 * Fixed Missing ASN1_TYPE validation in TS_RESP_verify_response()
   function. (CVE-2025-69420)

 * Fixed NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex()
   function. (CVE-2025-69421)

 * Fixed Missing ASN1_TYPE validation in PKCS#12 parsing.
   (CVE-2026-22795)

 * Fixed ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes()
   function. (CVE-2026-22796)

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Link: https://github.com/openwrt/openwrt/pull/21831
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2026-02-04 23:57:41 +01:00
..
files openssl: add legacy provider 2023-04-05 08:24:49 -03:00
patches openssl: update to version 3.0.19 2026-02-04 23:57:41 +01:00
Config.in openssl: add legacy provider 2023-04-05 08:24:49 -03:00
Makefile openssl: update to version 3.0.19 2026-02-04 23:57:41 +01:00