git: 8391ce9b0461 - Create tag vendor/openssl/3.0.14

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Enji Cooper <ngie_at_FreeBSD.org>
Date: Thu, 20 Jun 2024 23:26:40 UTC

The annotated tag vendor/openssl/3.0.14 has been created by ngie:

URL: https://cgit.FreeBSD.org/src/tag/?h=vendor/openssl/3.0.14

tag vendor/openssl/3.0.14
Tagger:     Enji Cooper <ngie@FreeBSD.org>
TaggerDate: 2024-06-20 23:26:33 +0000

Tag OpenSSL 3.0.14

commit 1070e7dca8223387baf5155524b28f62bfe7da3c
Author:     Enji Cooper <ngie@FreeBSD.org>
AuthorDate: 2024-06-20 23:24:17 +0000
Commit:     Enji Cooper <ngie@FreeBSD.org>
CommitDate: 2024-06-20 23:24:17 +0000

    Import OpenSSL 3.0.14
    
    This release resolves 3 upstream found CVEs:
    - Fixed potential use after free after SSL_free_buffers() is called (CVE-2024-4741)
    - Fixed an issue where checking excessively long DSA keys or parameters may be very slow (CVE-2024-4603)
    - Fixed unbounded memory growth with session handling in TLSv1.3 (CVE-2024-2511)