Opened 6 months ago

Closed 5 months ago

Last modified 4 months ago

#5500 closed enhancement (fixed)

openssl-3.3.1

Reported by: Douglas R. Reno Owned by: lfs-book
Priority: high Milestone: 12.2
Component: Book Version: git
Severity: normal Keywords:
Cc:

Description

New point version

OpenSSL-3.3.1

    Support updated to oqs-provider 0.6.0
    Add demo for ECDH key exchange
    Fixes for various memory leaks
    Various build and behavioral fixes on VMS
    Various fixes in response to CVE-2024-4741
    Fix race for X509 store found by thread sanitizer
    Various bug fixes to the QUIC client
    Explicit setup of cpuid flags in the fips provider
    DSA size checking (CVE-2024-4603)
    Fix for an sm2 encryption implementation bug
    Addition of a linux-arm64ilp32-clang build target
    Various fixes for CVE-2024-2511
    Fix unconstrained session cache growth in TLSv1.3 (CVE-2024-2511)
    Fix unbounded memory growth when using no-cached-fetch
    Add atexit configuration option to using atexit() in libcrypto at build-time
    Fix sm4-xts aarch64 assembly implementation bug
    Fix compilation on Windows using icc

Change History (2)

comment:1 by Bruce Dubbs, 5 months ago

Resolution: fixed
Status: newclosed

Fixed at commit 58180415d.

comment:2 by Douglas R. Reno, 4 months ago

SA-12.1-068 issued

Note: See TracTickets for help on using tickets.