(23.11) openssl_3: 3.0.13 -> 3.0.14; openssl_3_1: 3.1.5 -> 3.1.6 #318322
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description of changes
openssl_3: 3.0.13 -> 3.0.14
Changelog: https://github.com/openssl/openssl/blob/openssl-3.0/CHANGES.md#changes-between-3013-and-3014-4-jun-2024
CVEs fixed:
(CVE-2024-4741)
(CVE-2024-4603)
memory growth when processing TLSv1.3 sessions. An attacker may exploit certain
server configurations to trigger unbounded memory growth that would lead to a
Denial of Service.
(CVE-2024-2511)
openssl_3_1: 3.1.5 -> 3.1.6
Changelog: https://github.com/openssl/openssl/blob/openssl-3.1/CHANGES.md#changes-between-315-and-316-4-jun-2024
CVEs fixed:
(CVE-2024-4741)
(CVE-2024-4603)
memory growth when processing TLSv1.3 sessions. An attacker may exploit certain
server configurations to trigger unbounded memory growth that would lead to a
Denial of Service.
(CVE-2024-2511)
Things done
nix.conf
? (See Nix manual)sandbox = relaxed
sandbox = true
nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD"
. Note: all changes have to be committed, also see nixpkgs-review usage./result/bin/
)Add a 👍 reaction to pull requests you find important.