HomeFreeBSD

Update to OpenSSL 3.0.14

Description

Update to OpenSSL 3.0.14

This release resolves 3 upstream found CVEs:

  • Fixed potential use after free after SSL_free_buffers() is called (CVE-2024-4741)
  • Fixed an issue where checking excessively long DSA keys or parameters may be very slow (CVE-2024-4603)
  • Fixed unbounded memory growth with session handling in TLSv1.3 (CVE-2024-2511)

MFC after: 3 days
Merge commit '1070e7dca8223387baf5155524b28f62bfe7da3c'

(cherry picked from commit 44096ebd22ddd0081a357011714eff8963614b65)

Details

Provenance
ngieAuthored on Jun 26 2024, 11:50 PM
Parents
rGbb7b7b0eb7cf: MFC zfs/jail: Document the zfs.mount_snapshot parameter in jail(8).
Branches
Unknown
Tags
Unknown