Commit 8f51bac2 authored Jun 04, 2024 by Siddharth Committed by Steve Sakoman Jun 21, 2024

openssl: Upgrade 3.0.13 -> 3.0.14

CVE's Fixed by upgrade:
CVE-2024-4741: Fixed potential use after free after SSL_free_buffers() is called
CVE-2024-4603: Fixed an issue where checking excessively long DSA keys or parameters may be very slow
CVE-2024-2511: Fixed unbounded memory growth with session handling in TLSv1.3

Removed backports of CVE-2024-2511 and CVE-2024-4603 as they are already
fixed.

Detailed Information:
https://github.com/openssl/openssl/blob/openssl-3.0/CHANGES.md#changes-between-3013-and-3014-4-jun-2024



Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

parent 8accff90

Show whitespace changes

Inline Side-by-side

Please register or to comment