From: Poonam Jadhav <[email protected]> Fix CVEs CVE-2023-3817, CVE-2023-3446 and CVE-2023-2975 for openssl
Major changes between OpenSSL 3.0.9 and OpenSSL 3.0.10 [1 Aug 2023] Link: https://www.openssl.org/news/openssl-3.0-notes.html * Fix excessive time spent checking DH q parameter value ([CVE-2023-3817]) * Fix DH_check() excessive time with over sized modulus ([CVE-2023-3446]) * Do not ignore empty associated data entries with AES-SIV ([CVE-2023-2975]) Signed-off-by: Poonam Jadhav <[email protected]> --- .../openssl/{openssl_3.0.9.bb => openssl_3.0.10.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-connectivity/openssl/{openssl_3.0.9.bb => openssl_3.0.10.bb} (99%) diff --git a/meta/recipes-connectivity/openssl/openssl_3.0.9.bb b/meta/recipes-connectivity/openssl/openssl_3.0.10.bb similarity index 99% rename from meta/recipes-connectivity/openssl/openssl_3.0.9.bb rename to meta/recipes-connectivity/openssl/openssl_3.0.10.bb index 9738d36902..c770f1c712 100644 --- a/meta/recipes-connectivity/openssl/openssl_3.0.9.bb +++ b/meta/recipes-connectivity/openssl/openssl_3.0.10.bb @@ -18,7 +18,7 @@ SRC_URI:append:class-nativesdk = " \ file://environment.d-openssl.sh \ " -SRC_URI[sha256sum] = "eb1ab04781474360f77c318ab89d8c5a03abc38e63d65a603cabbf1b00a1dc90" +SRC_URI[sha256sum] = "1761d4f5b13a1028b9b6f3d4b8e17feb0cedc9370f6afe61d7193d2cdce83323" inherit lib_package multilib_header multilib_script ptest perlnative MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash" -- 2.25.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#185588): https://lists.openembedded.org/g/openembedded-core/message/185588 Mute This Topic: https://lists.openembedded.org/mt/100595720/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
