mirror of
https://github.com/opnsense/src.git
synced 2026-02-18 18:20:26 -05:00
7ca64ab386
This is a rollup commit from upstream to fix: Stack buffer overflow in CMS AuthEnvelopedData parsing (CVE-2025-15467) Heap out-of-bounds write in BIO_f_linebuffer on short writes (CVE-2025-68160) Unauthenticated/unencrypted trailing bytes with low-level OCB function calls (CVE-2025-69418) Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion (CVE-2025-69419) Missing ASN1_TYPE validation in TS_RESP_verify_response() function (CVE-2025-69420) NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function (CVE-2025-69421) Missing ASN1_TYPE validation in PKCS#12 parsing (CVE-2026-22795) ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function (CVE-2026-22796) See https://openssl-library.org/news/secadv/ for additional details. Approved by: so Obtained from: OpenSSL Security: FreeBSD-SA-26:01.openssl Security: CVE-2025-15467 Security: CVE-2025-68160 Security: CVE-2025-69418 Security: CVE-2025-69419 Security: CVE-2025-69420 Security: CVE-2025-69421 Security: CVE-2026-22795 Security: CVE-2026-22796 |
||
|---|---|---|
| .. | ||
| heimdal | ||
| libecc | ||
| openssh | ||
| openssl | ||
| README | ||
This directory is for the EXACT same use as src/contrib, except it holds crypto sources. In other words, this holds raw sources obtained from various third party vendors, with FreeBSD patches applied. No compilation is done from this directory, it is all done from the src/secure directory. The separation between src/contrib and src/crypto is the result of an old USA law, which made these sources export controlled, so they had to be kept separate.