mirror of
https://git.yoctoproject.org/poky
synced 2026-01-29 21:08:42 +01:00
2f0df0334a
3.2.6 has fixed 3.2.5 regression which broke python3 ptests so we can upgrade now. We can also drop CVE-2025-27587 patch which was taken instead of 3.2.5 upgrade under: https://github.com/openssl/openssl/pull/28198 Release information: https://github.com/openssl/openssl/blob/openssl-3.0/NEWS.md#major-changes-between-openssl-3017-and-openssl-3018-30-sep-2025 OpenSSL 3.2.6 is a security patch release. The most severe CVE fixed in this release is Moderate. This release incorporates the following bug fixes and mitigations: * Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap. (CVE-2025-9230) * Fix Timing side-channel in SM2 algorithm on 64 bit ARM. (CVE-2025-9231) * Fix Out-of-bounds read in HTTP client no_proxy handling. (CVE-2025-9232) Release information: https://github.com/openssl/openssl/blob/openssl-3.2/NEWS.md#major-changes-between-openssl-324-and-openssl-325-1-jul-2025 OpenSSL 3.2.5 is a bug fix release. This release incorporates the following bug fixes and mitigations: * Miscellaneous minor bug fixes. (From OE-Core rev: ef6bbf39c10ff7bd8ad36d5d2f59ddd0756e0141) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>