mirror of
https://git.yoctoproject.org/poky
synced 2026-06-21 13:54:22 +02:00
Release information [1]:

OpenSSL 3.5.6 is a security patch release.
The most severe CVE fixed in this release is Medium.

This release incorporates the following bug fixes and mitigations:
* Fixed incorrect failure handling in RSA KEM RSASVE encapsulation. (CVE-2026-31790)
* Fixed loss of key agreement group tuple structure when the DEFAULT keyword is used in the server-side configuration of the key-agreement group list. (CVE-2026-2673)
* Fixed potential use-after-free in DANE client code. (CVE-2026-28387)
* Fixed NULL pointer dereference when processing a delta CRL. (CVE-2026-28388)
* Fixed possible NULL dereference when processing CMS KeyAgreeRecipientInfo. (CVE-2026-28389)
* Fixed possible NULL dereference when processing CMS KeyTransportRecipientInfo. (CVE-2026-28390)
* Fixed heap buffer overflow in hexadecimal conversion. (CVE-2026-31789)

[1] https://github.com/openssl/openssl/blob/openssl-3.5/NEWS.md#major-changes-between-openssl-355-and-openssl-356-7-apr-2026

(From OE-Core rev: a8cf6e078aa7967dde5f950e3e6f9b212b748dcf)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fc25ce383ddcb1185c193ff2b10f9116741eb316)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>