CVSROOT: /cvs Module name: ports Changes by: t...@cvs.openbsd.org 2024/01/30 09:46:04
Modified files: security/openssl/3.2: Makefile distinfo security/openssl/3.2/patches: patch-Configurations_unix-Makefile_tmpl patch-crypto_ec_asm_ecp_sm2p256-armv8_pl security/openssl/3.2/pkg: PLIST Removed files: security/openssl/3.2/patches: patch-ssl_ssl_lib_c Log message: Update to OpenSSL 3.2.1 * Fixed PKCS12 Decoding crashes ([CVE-2024-0727]) * Fixed excessive time spent checking invalid RSA public keys ([CVE-2023-6237]) * Fixed POLY1305 MAC implementation corrupting vector registers on PowerPC CPUs which support PowerISA 2.07 ([CVE-2023-6129]) * Fixed excessive time spent in DH check / generation with large Q parameter value [(CVE-2023-5678)] Plus a UAF in DANE code.