mirror/openwrt
1
0
Fork 1
mirror of https://git.openwrt.org/openwrt/openwrt.git synced 2026-02-04 07:37:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
openwrt/package/libs/openssl
History
Ivan Pavlov df6db01f4f openssl: update to 3.5.5 
This release incorporates the following bug fixes and mitigations:

  fixed Improper validation of PBMAC1 parameters in PKCS#12 MAC verification.
  (CVE-2025-11187)

  fixed Stack buffer overflow in CMS AuthEnvelopedData parsing.
  (CVE-2025-15467)

  fixed NULL dereference in SSL_CIPHER_find  () function on unknown cipher ID.
  (CVE-2025-15468)

  fixed openssl dgst one-shot codepath silently truncates inputs >16 MiB.
  (CVE-2025-15469)

  fixed TLS 1.3 CompressedCertificate excessive memory allocation.
  (CVE-2025-66199)

  fixed Heap out-of-bounds write in BIO_f_linebuffer on short writes.
  (CVE-2025-68160)

  fixed Unauthenticated/unencrypted trailing bytes with low-level OCB function calls.
  (CVE-2025-69418)

  fixed Out of bounds write in PKCS12_get_friendlyname  () UTF-8 conversion.
  (CVE-2025-69419)

  fixed Missing ASN1_TYPE validation in TS_RESP_verify_response  () function.
  (CVE-2025-69420)

  fixed NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex  () function.
  (CVE-2025-69421)

  fixed Missing ASN1_TYPE validation in PKCS#12 parsing.
  (CVE-2026-22795)

  fixed ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes  () function.
  (CVE-2026-22796)

Adjust patches due to formatting changes.

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/21752
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2026-01-28 23:52:54 +01:00
..
files openssl: add legacy provider 2023-04-05 08:24:49 -03:00
patches openssl: update to 3.5.5 2026-01-28 23:52:54 +01:00
Config.in openssl: add kTLS support option 2026-01-03 00:30:27 +01:00
Makefile openssl: update to 3.5.5 2026-01-28 23:52:54 +01:00