Changes between 1.1.1s and 1.1.1t:
* Fixed X.400 address type confusion in X.509 GeneralName (CVE-2023-0286).
* Fixed Use-after-free following BIO_new_NDEF (CVE-2023-0215).
* Fixed Double free after calling PEM_read_bio_ex (CVE-2022-4450).
* Fixed Timing Oracle in RSA Decryption (CVE-2022-4304).
Also a corruption issue with this patch:
Applying: openssl: upgrade 1.1.1s to 1.1.1t
error: corrupt patch at line 19
error: could not build fake ancestor
Patch failed at 0001 openssl: upgrade 1.1.1s to 1.1.1t
Steve
On Tue, Feb 21, 2023 at 6:24 AM Hugo Simeliere via lists.openembedded.org wrote:
Major changes between OpenSSL 1.1.1s and OpenSSL 1.1.1t [7 Feb 2023]
* Fixed X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)
* Fixed Use-after-free following BIO_new_NDEF (CVE-2023-0215)
* Fixed Double free after calling PEM_read_bio_ex (CVE-2022-4450)
* Fixed Timing Oracle in RSA