chore(deps): update rust crate openssl to v0.10.78 [security]#16931
Merged
chore(deps): update rust crate openssl to v0.10.78 [security]#16931
Conversation
rustbot
added
the
S-waiting-on-review
Collaborator
|
r? @ehuss rustbot has assigned @ehuss. Use Why was this reviewer chosen?The reviewer was selected based on:
|
ehuss
approved these changes
Apr 22, 2026
rustbot
removed
the
S-waiting-on-review
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
0.10.76→0.10.78rust-openssl: Unchecked callback length in PSK/cookie trampolines leaks adjacent memory to peer
GHSA-hppc-g8h3-xhp3
More information
Details
The FFI trampolines behind
SslContextBuilder::set_psk_client_callback,set_psk_server_callback,set_cookie_generate_cb, andset_stateless_cookie_generate_cbforwarded the user closure's returned usize directly to OpenSSL without checking it against the&mut [u8]that was handed to the closure. This can lead to buffer overflows and other unintended consequences.Severity
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:NReferences
This data is provided by the GitHub Advisory Database (CC-BY 4.0).
rust-openssl: rustMdCtxRef::digest_final() writes past caller buffer with no length check
CVE-2026-41681 / GHSA-ghm9-cr32-g9qj
More information
Details
EVP_DigestFinal()always writesEVP_MD_CTX_size(ctx)to theoutbuffer. Ifoutis smaller than that,MdCtxRef::digest_final()writes past its end, usually corrupting the stack. This is reachable from safe Rust.Severity
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:UReferences
This data is provided by the GitHub Advisory Database (CC-BY 4.0).
rust-openssl has incorrect bounds assertion in aes key wrap
CVE-2026-41678 / GHSA-8c75-8mhr-p7r9
More information
Details
Summary
aes::unwrap_key()has an incorrect bounds assertion on the out buffer size, which can lead to out-of-bounds write.Details
aes::unwrap_key()contains an incorrect assertion: it checks thatout.len() + 8 <= in_.len(), but this condition is reversed. The intended invariant isout.len() >= in_.len() - 8, ensuring the output buffer is large enough.Because of the inverted check, the function only accepts buffers at or below the minimum required size and rejects larger ones. If a smaller buffer is provided the function will write past the end of
outbyin_.len() - 8 - out.len()bytes, causing an out-of-bounds write from a safe public function.Impact
Vulnerable applications using AES keywrap and allowing attacker controlled buffer sizes could have an attacker trigger an out-of-bounds write.
Severity
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:UReferences
This data is provided by the GitHub Advisory Database (CC-BY 4.0).
rust-opennssl has an Out-of-bounds read in PEM password callback when returning an oversized length
CVE-2026-41677 / GHSA-xmgf-hq76-4vx2
More information
Details
The
*_from_pem_callbackAPIs did not validate the length returned by the user's callback. A password callback that returns a value larger than the buffer it was given can cause some versions of OpenSSL to over-read this buffer. OpenSSL 3.x is not affected by this.Severity
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:UReferences
This data is provided by the GitHub Advisory Database (CC-BY 4.0).
rust-openssl: Deriver::derive and PkeyCtxRef::derive can overflow short buffers on OpenSSL 1.1.1
CVE-2026-41676 / GHSA-pqf5-4pqq-29f5
More information
Details
Deriver::derive(andPkeyCtxRef::derive) setslen = buf.len()and passes it as the in/out length toEVP_PKEY_derive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extract ignore the incoming*keylen, unconditionally writing the full shared secret (32/56/prime-size bytes). A caller passing a short slice gets a heap/stack overflow from safe code. OpenSSL 3.x providers do check, so this only impacts older OpenSSL.Severity
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:UReferences
This data is provided by the GitHub Advisory Database (CC-BY 4.0).
Release Notes
rust-openssl/rust-openssl (openssl)
v0.10.78Compare Source
What's Changed
Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.77...openssl-v0.10.78
v0.10.77Compare Source
What's Changed
New Contributors
Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.76...openssl-v0.10.77
Configuration
📅 Schedule: (UTC)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.