Skip to content

Commit 64f24a2

Browse files
AuthorReflexAuthorReflex
committed
openssl: update to 3.0.13
Major changes between OpenSSL 3.0.12 and OpenSSL 3.0.13 [30 Jan 2024] * Fixed PKCS12 Decoding crashes ([CVE-2024-0727]) * Fixed Excessive time spent checking invalid RSA public keys ([CVE-2023-6237]) * Fixed POLY1305 MAC implementation corrupting vector registers on PowerPC CPUs which support PowerISA 2.07 ([CVE-2023-6129]) * Fix excessive time spent in DH check / generation with large Q parameter value ([CVE-2023-5678]) Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
1 parent 9ccbfda commit 64f24a2

File tree

3 files changed

+6
-6
lines changed

3 files changed

+6
-6
lines changed

package/libs/openssl/Makefile

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
include $(TOPDIR)/rules.mk
99

1010
PKG_NAME:=openssl
11-
PKG_VERSION:=3.0.12
11+
PKG_VERSION:=3.0.13
1212
PKG_RELEASE:=1
1313
PKG_USE_MIPS16:=0
1414
PKG_BUILD_FLAGS:=gc-sections no-lto
@@ -27,7 +27,7 @@ PKG_SOURCE_URL:= \
2727
ftp://ftp.pca.dfn.de/pub/tools/net/openssl/source/ \
2828
ftp://ftp.pca.dfn.de/pub/tools/net/openssl/source/old/$(PKG_BASE)/
2929

30-
PKG_HASH:=f93c9e8edde5e9166119de31755fc87b4aa34863662f67ddfcba14d0b6b69b61
30+
PKG_HASH:=88525753f79d3bec27d2fa7c66aa0b92b3aa9498dafd93d7cfa4b3780cdae313
3131

3232
PKG_LICENSE:=Apache-2.0
3333
PKG_LICENSE_FILES:=LICENSE

package/libs/openssl/patches/100-Configure-afalg-support.patch

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@ Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
1010

1111
--- a/Configure
1212
+++ b/Configure
13-
@@ -1674,7 +1674,9 @@ $config{CFLAGS} = [ map { $_ eq '--ossl-
13+
@@ -1677,7 +1677,9 @@ $config{CFLAGS} = [ map { $_ eq '--ossl-
1414

1515
unless ($disabled{afalgeng}) {
1616
$config{afalgeng}="";

package/libs/openssl/patches/140-allow-prefer-chacha20.patch

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@ Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
1616

1717
--- a/ssl/ssl_ciph.c
1818
+++ b/ssl/ssl_ciph.c
19-
@@ -1505,11 +1505,29 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
19+
@@ -1506,11 +1506,29 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
2020
ssl_cipher_apply_rule(0, SSL_kECDHE, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head,
2121
&tail);
2222

@@ -46,7 +46,7 @@ Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
4646

4747
/*
4848
* ...and generally, our preferred cipher is AES.
49-
@@ -1564,7 +1582,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
49+
@@ -1565,7 +1583,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_
5050
* Within each group, ciphers remain sorted by strength and previous
5151
* preference, i.e.,
5252
* 1) ECDHE > DHE
@@ -55,7 +55,7 @@ Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
5555
* 3) AES > rest
5656
* 4) TLS 1.2 > legacy
5757
*
58-
@@ -2235,7 +2253,13 @@ const char *OSSL_default_cipher_list(voi
58+
@@ -2236,7 +2254,13 @@ const char *OSSL_default_cipher_list(voi
5959
*/
6060
const char *OSSL_default_ciphersuites(void)
6161
{

0 commit comments

Comments
 (0)