mirror of
https://git.openwrt.org/openwrt/openwrt.git
synced 2026-01-31 07:53:09 +01:00
df6db01f4f
This release incorporates the following bug fixes and mitigations: fixed Improper validation of PBMAC1 parameters in PKCS#12 MAC verification. (CVE-2025-11187) fixed Stack buffer overflow in CMS AuthEnvelopedData parsing. (CVE-2025-15467) fixed NULL dereference in SSL_CIPHER_find () function on unknown cipher ID. (CVE-2025-15468) fixed openssl dgst one-shot codepath silently truncates inputs >16 MiB. (CVE-2025-15469) fixed TLS 1.3 CompressedCertificate excessive memory allocation. (CVE-2025-66199) fixed Heap out-of-bounds write in BIO_f_linebuffer on short writes. (CVE-2025-68160) fixed Unauthenticated/unencrypted trailing bytes with low-level OCB function calls. (CVE-2025-69418) fixed Out of bounds write in PKCS12_get_friendlyname () UTF-8 conversion. (CVE-2025-69419) fixed Missing ASN1_TYPE validation in TS_RESP_verify_response () function. (CVE-2025-69420) fixed NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex () function. (CVE-2025-69421) fixed Missing ASN1_TYPE validation in PKCS#12 parsing. (CVE-2026-22795) fixed ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes () function. (CVE-2026-22796) Adjust patches due to formatting changes. Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com> Link: https://github.com/openwrt/openwrt/pull/21752 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> |
||
|---|---|---|
| .. | ||
| base-files | ||
| boot | ||
| devel | ||
| firmware | ||
| kernel | ||
| libs | ||
| network | ||
| system | ||
| utils | ||
| Makefile | ||