src/crypto/openssl/external, branch main FreeBSD source tree MFV: crypto/openssl: update to 3.5.6 2026-04-09T01:44:24+00:00 Enji Cooper ngie@FreeBSD.org 2026-04-09T01:44:24+00:00 10a428653ee7216475f1ddce3fb4cbf1200319f8 This change brings in version 3.5.6 of OpenSSL, which features several security fixes (the highest of which is a MEDIUM severity issue), as well as some miscellaneous feature updates. Please see the release notes [1] for more details. PS Apologies for the confusing merge commits -- I was testing out a new automated update process and failed to catch the commit message issues until after I pushed the change. 1. https://github.com/openssl/openssl/blob/openssl-3.5.6/NEWS.md MFC after: 1 day (the security issues warrant a quick backport). Merge commit 'ab5fc4ac933ff67bc800e774dffce15e2a541e90' 
This change brings in version 3.5.6 of OpenSSL, which features
several security fixes (the highest of which is a MEDIUM severity
issue), as well as some miscellaneous feature updates.

Please see the release notes [1] for more details.

PS Apologies for the confusing merge commits -- I was testing out a
new automated update process and failed to catch the commit message
issues until after I pushed the change.

1. https://github.com/openssl/openssl/blob/openssl-3.5.6/NEWS.md

MFC after:	1 day (the security issues warrant a quick backport).
Merge commit 'ab5fc4ac933ff67bc800e774dffce15e2a541e90'
OpenSSL: Vendor import of OpenSSL 3.0.13 2024-02-02T21:21:36+00:00 Cy Schubert cy@FreeBSD.org 2024-02-02T21:10:22+00:00 e0c4386e7e71d93b0edc0c8fa156263fc4a8b0b6 * Fixed PKCS12 Decoding crashes ([CVE-2024-0727]) * Fixed Excessive time spent checking invalid RSA public keys ([CVE-2023-6237]) * Fixed POLY1305 MAC implementation corrupting vector registers on PowerPC CPUs which support PowerISA 2.07 ([CVE-2023-6129]) * Fix excessive time spent in DH check / generation with large Q parameter value ([CVE-2023-5678]) Release notes can be found at https://www.openssl.org/news/openssl-3.0-notes.html. Approved by: emaste MFC after: 3 days Merge commit '9dd13e84fa8eca8f3462bd55485aa3da8c37f54a' 
 * Fixed PKCS12 Decoding crashes ([CVE-2024-0727])
 * Fixed Excessive time spent checking invalid RSA public keys
   ([CVE-2023-6237])
 * Fixed POLY1305 MAC implementation corrupting vector registers on
   PowerPC CPUs which support PowerISA 2.07 ([CVE-2023-6129])
 * Fix excessive time spent in DH check / generation with large Q
   parameter value ([CVE-2023-5678])

Release notes can be found at
            https://www.openssl.org/news/openssl-3.0-notes.html.

Approved by:	emaste
MFC after:	3 days

Merge commit '9dd13e84fa8eca8f3462bd55485aa3da8c37f54a'