[Buildroot] [PATCH] package/libopenssl: bump version to 3.5.4
Michael Fischer
mf at go-sys.de
Thu Oct 2 12:38:23 UTC 2025
Security patch release.
The most severe CVE fixed in this release is Moderate.
This release incorporates the following bug fixes and mitigations:
- Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap.
(CVE-2025-9230)
- Fix Timing side-channel in SM2 algorithm on 64 bit ARM.
(CVE-2025-9231)
- Fix Out-of-bounds read in HTTP client no_proxy handling.
(CVE-2025-9232)
Signed-off-by: Michael Fischer <mf at go-sys.de>
---
package/libopenssl/libopenssl.hash | 4 ++--
package/libopenssl/libopenssl.mk | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/package/libopenssl/libopenssl.hash b/package/libopenssl/libopenssl.hash
index d0ca45d303..e78b664aa5 100644
--- a/package/libopenssl/libopenssl.hash
+++ b/package/libopenssl/libopenssl.hash
@@ -1,5 +1,5 @@
-# From https://github.com/openssl/openssl/releases/download/openssl-3.5.3/openssl-3.5.3.tar.gz.sha256
-sha256 c9489d2abcf943cdc8329a57092331c598a402938054dc3a22218aea8a8ec3bf openssl-3.5.3.tar.gz
+# From https://github.com/openssl/openssl/releases/download/openssl-3.5.4/openssl-3.5.4.tar.gz.sha256
+sha256 967311f84955316969bdb1d8d4b983718ef42338639c621ec4c34fddef355e99 openssl-3.5.4.tar.gz
# License files
sha256 7d5450cb2d142651b8afa315b5f238efc805dad827d91ba367d8516bc9d49e7a LICENSE.txt
diff --git a/package/libopenssl/libopenssl.mk b/package/libopenssl/libopenssl.mk
index b892d4e236..2f844fd44a 100644
--- a/package/libopenssl/libopenssl.mk
+++ b/package/libopenssl/libopenssl.mk
@@ -4,7 +4,7 @@
#
################################################################################
-LIBOPENSSL_VERSION = 3.5.3
+LIBOPENSSL_VERSION = 3.5.4
LIBOPENSSL_SITE = https://github.com/openssl/openssl/releases/download/openssl-$(LIBOPENSSL_VERSION)
LIBOPENSSL_SOURCE = openssl-$(LIBOPENSSL_VERSION).tar.gz
LIBOPENSSL_LICENSE = Apache-2.0
--
2.43.0
More information about the buildroot
mailing list