mirror of
https://git.yoctoproject.org/poky
synced 2026-05-22 08:27:55 +02:00
fdfdd7b319
CVE's Fixed by upgrade: CVE-2024-4741: Fixed potential use after free after SSL_free_buffers() is called CVE-2024-4603: Fixed an issue where checking excessively long DSA keys or parameters may be very slow CVE-2024-2511: Fixed unbounded memory growth with session handling in TLSv1.3 Bugs Fixed by upgrade: #23560: Fixed bug where SSL_export_keying_material() could not be used with QUIC connections Removed backports of CVE-2024-2511, CVE-2024-4603 and bti.patch as they are already fixed. Detailed Information: https://github.com/openssl/openssl/blob/openssl-3.2/CHANGES.md#changes-between-321-and-322-4-jun-2024 (From OE-Core rev: f99c9346c225b862cc26923e823c35484beb797f) Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>