CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2024/01/30 09:46:04
Modified files:
security/openssl/3.2: Makefile distinfo
security/openssl/3.2/patches:
patch-Configurations_unix-Makefile_tmpl
patch-crypto_ec_asm_ecp_sm2p256-armv8_pl
security/openssl/3.2/pkg: PLIST
Removed files:
security/openssl/3.2/patches: patch-ssl_ssl_lib_c
Log message:
Update to OpenSSL 3.2.1
* Fixed PKCS12 Decoding crashes ([CVE-2024-0727])
* Fixed excessive time spent checking invalid RSA public keys ([CVE-2023-6237])
* Fixed POLY1305 MAC implementation corrupting vector registers on PowerPC
CPUs which support PowerISA 2.07 ([CVE-2023-6129])
* Fixed excessive time spent in DH check / generation with large Q parameter
value [(CVE-2023-5678)]
Plus a UAF in DANE code.
