projects / openwrt / openwrt.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a25c76d) | patch
openssl: Update to version 3.0.18 openwrt-23.05
authorHauke Mehrtens <hauke@hauke-m.de>
Sun, 5 Oct 2025 17:43:22 +0000 (19:43 +0200)
committerMartin Schiller <ms@dev.tdt.de>
Thu, 4 Dec 2025 14:13:14 +0000 (15:13 +0100)
commitb6d7048c8bcf23d9852cf17f1fa1d532d1552474
treea55b8966b7f4f313806100312339afc29ca909c3tree | snapshot
parenta25c76d8c736ea15d9e05868c62711352efefc1ecommit | diff
openssl: Update to version 3.0.18

OpenSSL 3.0.18 is a security patch release. The most severe CVE fixed in this
release is Moderate.

This release incorporates the following bug fixes and mitigations:

 * Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap. (CVE-2025-9230)

 * Fix Out-of-bounds read in HTTP client no_proxy handling. (CVE-2025-9232)

The removed patch is included upstream:
https://github.com/openssl/openssl/commit/c0d968f0ac56ad507ab0101e537e7d530e9f0448

Link: https://github.com/openwrt/openwrt/pull/20312
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 6e068b7052cccadc7e3543ca6741ece26333097e)
package/libs/openssl/Makefile diff | blob | history
package/libs/openssl/patches/0001-Don-t-keep-the-store-open-in-by_store_ctrl_ex.patch [deleted file] blob | history
OpenWrt Source Repository