[Buildroot] [PATCH] package/libopenssl: security bump to version 1.1.1d

Peter Korsgaard peter at korsgaard.com
Thu Sep 26 08:51:19 UTC 2019


>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:

 > Fixes the following security vulnerabilities:
 > - ECDSA remote timing attack (CVE-2019-1547)
 >   Severity: Low

 > - Fork Protection (CVE-2019-1549)
 >   Severity: Low

 > - Padding Oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey (CVE-2019-1563)
 >   Severity: Low

 > For more details, see the advisory:
 > https://www.openssl.org/news/secadv/20190910.txt

 > Signed-off-by: Peter Korsgaard <peter at korsgaard.com>

Committed to 2019.02.x, 2019.05.x and 2019.08.x, thanks.

-- 
Bye, Peter Korsgaard



More information about the buildroot mailing list