chore(deps): bump openssl from 0.10.76 to 0.10.78

[dependabot]

Bumps openssl from 0.10.76 to 0.10.78.

Release notes

Sourced from openssl's releases.

openssl-v0.10.78

What's Changed

• Fix Suite B flag assignments in verify.rs by @​alex in rust-openssl/rust-openssl#2592
• Use cvt_p for OPENSSL_malloc error handling by @​alex in rust-openssl/rust-openssl#2593
• Mark BIO_get_mem_data on AWS-LC to be unsafe by @​alex in rust-openssl/rust-openssl#2594
• Set timeout for package installation step by @​alex in rust-openssl/rust-openssl#2595
• Panic in Crypter::new when IV is required but not provided by @​alex in rust-openssl/rust-openssl#2596
• openssl 4 support by @​reaperhulk in rust-openssl/rust-openssl#2591
• Avoid panic for overlong OIDs by @​botovq in rust-openssl/rust-openssl#2598
• Fix dangling stack pointer in custom extension add callback by @​alex in rust-openssl/rust-openssl#2599
• Add support for LibreSSL 4.3.x by @​botovq in rust-openssl/rust-openssl#2603
• fix inverted bounds assertion in AES key unwrap by @​reaperhulk in rust-openssl/rust-openssl#2604
• Reject oversized length returns from password callback trampoline by @​alex in rust-openssl/rust-openssl#2605
• Validate callback-returned lengths in PSK and cookie trampolines by @​alex in rust-openssl/rust-openssl#2607
• Error for short out in MdCtxRef::digest_final() by @​botovq in rust-openssl/rust-openssl#2608
• Check derive output buffer length on OpenSSL 1.1.x by @​alex in rust-openssl/rust-openssl#2606
• Release openssl v0.10.78 and openssl-sys v0.9.114 by @​alex in rust-openssl/rust-openssl#2609

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.77...openssl-v0.10.78

openssl-v0.10.77

What's Changed

• CI: Hash-pin all action usage, avoid credential persistence in actions/checkout by @​woodruffw in rust-openssl/rust-openssl#2587
• Bump aws-lc-sys to 0.39 by @​goffrie in rust-openssl/rust-openssl#2588
• md_ctx: enable sign/verify/reset on BoringSSL, LibreSSL, and AWS-LC by @​alex in rust-openssl/rust-openssl#2589
• Release openssl v0.10.77 and openssl-sys v0.9.113 by @​alex in rust-openssl/rust-openssl#2590

New Contributors

• @​woodruffw made their first contribution in rust-openssl/rust-openssl#2587

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.76...openssl-v0.10.77

Commits

• a6debf5 Release openssl v0.10.78 and openssl-sys v0.9.114 (#2609)
• 09b425e Check derive output buffer length on OpenSSL 1.1.x (#2606)
• 826c388 Error for short out in MdCtxRef::digest_final() (#2608)
• 1d10902 Validate callback-returned lengths in PSK and cookie trampolines (#2607)
• 5af6895 Reject oversized length returns from password callback trampoline (#2605)
• 718d07f fix inverted bounds assertion in AES key unwrap (#2604)
• 53cc69d Add support for LibreSSL 4.3.x (#2603)
• 0b41e79 Fix dangling stack pointer in custom extension add callback (#2599)
• cbdedf8 Avoid panic for overlong OIDs (#2598)
• 1fc51ef openssl 4 support (#2591)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[dependabot]

Assignees

The following users could not be added as assignees: apache/iggy-committers. Either the username does not exist or it does not have the correct permissions to be added as an assignee.

Please fix the above issues or remove invalid values from dependabot.yml.

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.