https://www.openssl.org/news/cl33.txt Plugs CVEs: CVE-2024-4741 - Potential use after free after SSL_free_buffers() is called CVE-2024-4603 - Checking excessively long DSA keys or parameters may be very slow
* Forward patchset, applies cleanly. Signed-off-by: Christian Melki <[email protected]> --- .../0001-debian-targets.patch | 0 patches/{openssl-3.3.0 => openssl-3.3.1}/0002-pic.patch | 0 ...Configure-allow-to-enable-ktls-if-target-does-not-st.patch | 0 .../0004-conf-Serialize-allocation-free-of-ssl_names.patch | 0 ...Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch | 0 patches/{openssl-3.3.0 => openssl-3.3.1}/series | 0 rules/openssl.make | 4 ++-- 7 files changed, 2 insertions(+), 2 deletions(-) rename patches/{openssl-3.3.0 => openssl-3.3.1}/0001-debian-targets.patch (100%) rename patches/{openssl-3.3.0 => openssl-3.3.1}/0002-pic.patch (100%) rename patches/{openssl-3.3.0 => openssl-3.3.1}/0003-Configure-allow-to-enable-ktls-if-target-does-not-st.patch (100%) rename patches/{openssl-3.3.0 => openssl-3.3.1}/0004-conf-Serialize-allocation-free-of-ssl_names.patch (100%) rename patches/{openssl-3.3.0 => openssl-3.3.1}/0005-Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch (100%) rename patches/{openssl-3.3.0 => openssl-3.3.1}/series (100%) diff --git a/patches/openssl-3.3.0/0001-debian-targets.patch b/patches/openssl-3.3.1/0001-debian-targets.patch similarity index 100% rename from patches/openssl-3.3.0/0001-debian-targets.patch rename to patches/openssl-3.3.1/0001-debian-targets.patch diff --git a/patches/openssl-3.3.0/0002-pic.patch b/patches/openssl-3.3.1/0002-pic.patch similarity index 100% rename from patches/openssl-3.3.0/0002-pic.patch rename to patches/openssl-3.3.1/0002-pic.patch diff --git a/patches/openssl-3.3.0/0003-Configure-allow-to-enable-ktls-if-target-does-not-st.patch b/patches/openssl-3.3.1/0003-Configure-allow-to-enable-ktls-if-target-does-not-st.patch similarity index 100% rename from patches/openssl-3.3.0/0003-Configure-allow-to-enable-ktls-if-target-does-not-st.patch rename to patches/openssl-3.3.1/0003-Configure-allow-to-enable-ktls-if-target-does-not-st.patch diff --git a/patches/openssl-3.3.0/0004-conf-Serialize-allocation-free-of-ssl_names.patch b/patches/openssl-3.3.1/0004-conf-Serialize-allocation-free-of-ssl_names.patch similarity index 100% rename from patches/openssl-3.3.0/0004-conf-Serialize-allocation-free-of-ssl_names.patch rename to patches/openssl-3.3.1/0004-conf-Serialize-allocation-free-of-ssl_names.patch diff --git a/patches/openssl-3.3.0/0005-Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch b/patches/openssl-3.3.1/0005-Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch similarity index 100% rename from patches/openssl-3.3.0/0005-Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch rename to patches/openssl-3.3.1/0005-Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch diff --git a/patches/openssl-3.3.0/series b/patches/openssl-3.3.1/series similarity index 100% rename from patches/openssl-3.3.0/series rename to patches/openssl-3.3.1/series diff --git a/rules/openssl.make b/rules/openssl.make index 8ce6661cc..066437c9b 100644 --- a/rules/openssl.make +++ b/rules/openssl.make @@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_OPENSSL) += openssl # # Paths and names # -OPENSSL_VERSION := 3.3.0 -OPENSSL_MD5 := c8b063afbea85d867e161ecb8816cfa9 +OPENSSL_VERSION := 3.3.1 +OPENSSL_MD5 := 8a4342b399c18f870ca6186299195984 OPENSSL := openssl-$(OPENSSL_VERSION) OPENSSL_SUFFIX := tar.gz OPENSSL_URL := \ -- 2.34.1
