e2cdcf8e46
Automatically rebased: 100-Configure-afalg-support.patch Changes between 3.5.0 and 3.5.1: Fix x509 application adds trusted use instead of rejected use. Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Impact summary: If a user intends to make a trusted certificate rejected for a particular use it will be instead marked as trusted for that use. (CVE-2025-4575) Aligned the behaviour of TLS and DTLS in the event of a no_renegotiation alert being received. Older versions of OpenSSL failed with DTLS if a no_renegotiation alert was received. All versions of OpenSSL do this for TLS. From 3.2 a bug was exposed that meant that DTLS ignored no_rengotiation. We have now restored the original behaviour and brought DTLS back into line with TLS. Signed-off-by: John Audia <therealgraysky@proton.me> Link: https://github.com/openwrt/openwrt/pull/19283 Signed-off-by: Robert Marko <robimarko@gmail.com> |
||
|---|---|---|
| .. | ||
| 100-Configure-afalg-support.patch | ||
| 110-openwrt_targets.patch | ||
| 120-strip-cflags-from-binary.patch | ||
| 130-dont-build-fuzz-docs.patch | ||
| 140-allow-prefer-chacha20.patch | ||
| 150-openssl.cnf-add-engines-conf.patch | ||
| 500-e_devcrypto-default-to-not-use-digests-in-engine.patch | ||
| 510-e_devcrypto-ignore-error-when-closing-session.patch | ||