mirror of
https://git.openwrt.org/openwrt/openwrt.git
synced 2026-03-14 23:09:45 +01:00
9237dea49e
OpenSSL 3.0.19 is a security patch release. The most severe CVE fixed in this release is High. This release incorporates the following bug fixes and mitigations: * Fixed Stack buffer overflow in CMS AuthEnvelopedData parsing. (CVE-2025-15467) * Fixed Heap out-of-bounds write in BIO_f_linebuffer on short writes. (CVE-2025-68160) * Fixed Unauthenticated/unencrypted trailing bytes with low-level OCB function calls. (CVE-2025-69418) * Fixed Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion. (CVE-2025-69419) * Fixed Missing ASN1_TYPE validation in TS_RESP_verify_response() function. (CVE-2025-69420) * Fixed NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex() function. (CVE-2025-69421) * Fixed Missing ASN1_TYPE validation in PKCS#12 parsing. (CVE-2026-22795) * Fixed ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function. (CVE-2026-22796) Signed-off-by: Martin Schiller <ms@dev.tdt.de> Link: https://github.com/openwrt/openwrt/pull/21831 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> |
||
|---|---|---|
| .. | ||
| argp-standalone | ||
| elfutils | ||
| gettext-full | ||
| gmp | ||
| jansson | ||
| libbpf | ||
| libbsd | ||
| libcap | ||
| libevent2 | ||
| libiconv-full | ||
| libjson-c | ||
| libmd | ||
| libmnl | ||
| libnetfilter-conntrack | ||
| libnfnetlink | ||
| libnftnl | ||
| libnl | ||
| libnl-tiny | ||
| libpcap | ||
| libselinux | ||
| libsemanage | ||
| libsepol | ||
| libtool | ||
| libtraceevent | ||
| libtracefs | ||
| libubox | ||
| libunistring | ||
| libunwind | ||
| libusb | ||
| libxml2 | ||
| mbedtls | ||
| mpfr | ||
| musl-fts | ||
| ncurses | ||
| nettle | ||
| openssl | ||
| pcre2 | ||
| popt | ||
| readline | ||
| sysfsutils | ||
| toolchain | ||
| uclient | ||
| udebug | ||
| ustream-ssl | ||
| wolfssl | ||
| zlib | ||