[Buildroot] [PATCH] package/libopenssl: bump version to 3.5.4
Julien Olivain
ju.o at free.fr
Thu Oct 2 21:02:36 UTC 2025
Hi Michael,
Thanks for the patch!
I applied an identical patch sent a few hours before yours:
https://patchwork.ozlabs.org/project/buildroot/patch/20251002065706.1010793-1-francois.perrad@gadz.org/
On 02/10/2025 14:38, Michael Fischer wrote:
> Security patch release.
> The most severe CVE fixed in this release is Moderate.
>
> This release incorporates the following bug fixes and mitigations:
>
> - Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap.
> (CVE-2025-9230)
>
> - Fix Timing side-channel in SM2 algorithm on 64 bit ARM.
> (CVE-2025-9231)
>
> - Fix Out-of-bounds read in HTTP client no_proxy handling.
> (CVE-2025-9232)
>
> Signed-off-by: Michael Fischer <mf at go-sys.de>
> ---
> package/libopenssl/libopenssl.hash | 4 ++--
> package/libopenssl/libopenssl.mk | 2 +-
> 2 files changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/package/libopenssl/libopenssl.hash
> b/package/libopenssl/libopenssl.hash
> index d0ca45d303..e78b664aa5 100644
> --- a/package/libopenssl/libopenssl.hash
> +++ b/package/libopenssl/libopenssl.hash
> @@ -1,5 +1,5 @@
> -# From
> https://github.com/openssl/openssl/releases/download/openssl-3.5.3/openssl-3.5.3.tar.gz.sha256
> -sha256
> c9489d2abcf943cdc8329a57092331c598a402938054dc3a22218aea8a8ec3bf
> openssl-3.5.3.tar.gz
> +# From
> https://github.com/openssl/openssl/releases/download/openssl-3.5.4/openssl-3.5.4.tar.gz.sha256
> +sha256
> 967311f84955316969bdb1d8d4b983718ef42338639c621ec4c34fddef355e99
> openssl-3.5.4.tar.gz
>
> # License files
> sha256
> 7d5450cb2d142651b8afa315b5f238efc805dad827d91ba367d8516bc9d49e7a
> LICENSE.txt
> diff --git a/package/libopenssl/libopenssl.mk
> b/package/libopenssl/libopenssl.mk
> index b892d4e236..2f844fd44a 100644
> --- a/package/libopenssl/libopenssl.mk
> +++ b/package/libopenssl/libopenssl.mk
> @@ -4,7 +4,7 @@
> #
>
> ################################################################################
>
> -LIBOPENSSL_VERSION = 3.5.3
> +LIBOPENSSL_VERSION = 3.5.4
> LIBOPENSSL_SITE =
> https://github.com/openssl/openssl/releases/download/openssl-$(LIBOPENSSL_VERSION)
> LIBOPENSSL_SOURCE = openssl-$(LIBOPENSSL_VERSION).tar.gz
> LIBOPENSSL_LICENSE = Apache-2.0
> --
> 2.43.0
Best regards,
Julien.
More information about the buildroot
mailing list