mirror of
https://git.yoctoproject.org/poky
synced 2026-04-24 12:32:11 +02:00
fb53a9ec2b
* fix CVEs CVE-2023-1255 and CVE-2023-2650 * drop CVE patches merged upstream * refresh 0001-Configure-do-not-tweak-mips-cflags.patch https://www.openssl.org/news/openssl-3.0-notes.html Major changes between OpenSSL 3.0.8 and OpenSSL 3.0.9 [30 May 2023] * Mitigate for very slow `OBJ_obj2txt()` performance with gigantic OBJECT IDENTIFIER sub-identities. ([CVE-2023-2650]) * Fixed buffer overread in AES-XTS decryption on ARM 64 bit platforms ([CVE-2023-1255]) * Fixed documentation of X509_VERIFY_PARAM_add0_policy() ([CVE-2023-0466]) * Fixed handling of invalid certificate policies in leaf certificates ([CVE-2023-0465]) * Limited the number of nodes created in a policy tree ([CVE-2023-0464]) (From OE-Core rev: 5140fdf3417c7553d3b035d7eafacda139936494) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>