[Midnightbsd-cvs] [MidnightBSD/src] 7f13a9: Fix a number of CVEs in OpenSSL
Lucas Holt
noreply at github.com
Tue Jan 27 23:00:59 EST 2026
Branch: refs/heads/stable/4.0
Home: https://github.com/MidnightBSD/src
Commit: 7f13a9258369a127a14a40fc8946121cd976db33
https://github.com/MidnightBSD/src/commit/7f13a9258369a127a14a40fc8946121cd976db33
Author: Lucas Holt <luke at foolishgames.com>
Date: 2026-01-27 (Tue, 27 Jan 2026)
Changed paths:
M crypto/openssl/apps/s_client.c
M crypto/openssl/crypto/asn1/a_strex.c
M crypto/openssl/crypto/bio/bf_lbuf.c
M crypto/openssl/crypto/modes/ocb128.c
M crypto/openssl/crypto/pkcs12/p12_decr.c
M crypto/openssl/crypto/pkcs12/p12_kiss.c
M crypto/openssl/crypto/pkcs12/p12_utl.c
M crypto/openssl/crypto/pkcs7/pk7_doit.c
M crypto/openssl/crypto/ts/ts_rsp_verify.c
Log Message:
-----------
Fix a number of CVEs in OpenSSL
CVE-2025-68160 - Heap out-of-bounds write in BIO_f_linebuffer on short writes
CVE-2025-69418 - Unauthenticated/unencrypted trailing bytes with low-level OCB function calls
CVE-2025-69419 - Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion
CVE-2025-69420 - Missing ASN1_TYPE validation in TS_RESP_verify_response() function
CVE-2025-69421 - NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function
CVE-2026-22795 - Missing ASN1_TYPE validation in PKCS#12 parsing
CVE-2026-22796 - ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function
To unsubscribe from these emails, change your notification settings at https://github.com/MidnightBSD/src/settings/notifications
More information about the Midnightbsd-cvs
mailing list