<feed xmlns='http://www.w3.org/2005/Atom'>
<title>src/crypto/openssl/util/perl/OpenSSL, branch main</title>
<subtitle>FreeBSD source tree</subtitle>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/'/>
<entry>
<title>openssl: import 3.5.5</title>
<updated>2026-01-31T22:00:39+00:00</updated>
<author>
<name>Enji Cooper</name>
<email>ngie@FreeBSD.org</email>
</author>
<published>2026-01-31T22:00:39+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=f25b8c9fb4f58cf61adb47d7570abe7caa6d385d'/>
<id>f25b8c9fb4f58cf61adb47d7570abe7caa6d385d</id>
<content type='text'>
This change adds OpenSSL 3.5.5 from upstream [1].

The 3.5.5 artifact was been verified via PGP key [2] and by SHA256 checksum [3].

This is a security release, but also contains several bugfixes. All of
the CVE-worthy issues have already been addressed on the target
branch(es), so the net-result is that this is a bugfix release.

More information about the release (from a high level) can be found in
the release notes [4].

MFC after:	1 week

1. https://github.com/openssl/openssl/releases/download/openssl-3.5.5/openssl-3.5.5.tar.gz
2. https://github.com/openssl/openssl/releases/download/openssl-3.5.5/openssl-3.5.5.tar.gz.asc
3. https://github.com/openssl/openssl/releases/download/openssl-3.5.5/openssl-3.5.5.tar.gz.sha256
4. https://github.com/openssl/openssl/blob/openssl-3.5.5/NEWS.md

Merge commit '808413da28df9fb93e1f304e6016b15e660f54c8'
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
This change adds OpenSSL 3.5.5 from upstream [1].

The 3.5.5 artifact was been verified via PGP key [2] and by SHA256 checksum [3].

This is a security release, but also contains several bugfixes. All of
the CVE-worthy issues have already been addressed on the target
branch(es), so the net-result is that this is a bugfix release.

More information about the release (from a high level) can be found in
the release notes [4].

MFC after:	1 week

1. https://github.com/openssl/openssl/releases/download/openssl-3.5.5/openssl-3.5.5.tar.gz
2. https://github.com/openssl/openssl/releases/download/openssl-3.5.5/openssl-3.5.5.tar.gz.asc
3. https://github.com/openssl/openssl/releases/download/openssl-3.5.5/openssl-3.5.5.tar.gz.sha256
4. https://github.com/openssl/openssl/blob/openssl-3.5.5/NEWS.md

Merge commit '808413da28df9fb93e1f304e6016b15e660f54c8'
</pre>
</div>
</content>
</entry>
<entry>
<title>Merge commit '1095efe41feed8ea5a6fe5ca123c347ae0914801'</title>
<updated>2025-08-07T13:50:32+00:00</updated>
<author>
<name>Pierre Pronchery</name>
<email>khorben@FreeBSD.org</email>
</author>
<published>2025-08-07T13:50:32+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=e7be843b4a162e68651d3911f0357ed464915629'/>
<id>e7be843b4a162e68651d3911f0357ed464915629</id>
<content type='text'>
Approved by:	philip (mentor)
Sponsored by:	Alpha-Omega Beach Cleaning Project
Sponsored by:	The FreeBSD Foundation
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Approved by:	philip (mentor)
Sponsored by:	Alpha-Omega Beach Cleaning Project
Sponsored by:	The FreeBSD Foundation
</pre>
</div>
</content>
</entry>
<entry>
<title>openssl: Import OpenSSL 3.0.16</title>
<updated>2025-03-14T06:40:59+00:00</updated>
<author>
<name>Enji Cooper</name>
<email>ngie@FreeBSD.org</email>
</author>
<published>2025-03-14T06:40:59+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=0d0c8621fd181e507f0fb50ffcca606faf66a8c2'/>
<id>0d0c8621fd181e507f0fb50ffcca606faf66a8c2</id>
<content type='text'>
This release incorporates the following bug fixes and mitigations:
- [CVE-2024-13176](https://www.openssl.org/news/vulnerabilities.html#CVE-2024-13176
- [CVE-2024-9143](https://www.openssl.org/news/vulnerabilities.html#CVE-2024-9143)

Release notes can be found at:
https://openssl-library.org/news/openssl-3.0-notes/index.html

MFC after:      1 week
Differential Revision:  https://reviews.freebsd.org/D49296
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
This release incorporates the following bug fixes and mitigations:
- [CVE-2024-13176](https://www.openssl.org/news/vulnerabilities.html#CVE-2024-13176
- [CVE-2024-9143](https://www.openssl.org/news/vulnerabilities.html#CVE-2024-9143)

Release notes can be found at:
https://openssl-library.org/news/openssl-3.0-notes/index.html

MFC after:      1 week
Differential Revision:  https://reviews.freebsd.org/D49296
</pre>
</div>
</content>
</entry>
<entry>
<title>openssl: Import OpenSSL 3.0.15.</title>
<updated>2024-09-08T04:31:22+00:00</updated>
<author>
<name>Enji Cooper</name>
<email>ngie@FreeBSD.org</email>
</author>
<published>2024-09-08T04:30:17+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=a7148ab39c03abd4d1a84997c70bf96f15dd2a09'/>
<id>a7148ab39c03abd4d1a84997c70bf96f15dd2a09</id>
<content type='text'>
This release incorporates the following bug fixes and mitigations:
- Fixed possible denial of service in X.509 name checks ([CVE-2024-6119])
- Fixed possible buffer overread in SSL_select_next_proto() ([CVE-2024-5535])

Release notes can be found at:
https://openssl-library.org/news/openssl-3.0-notes/index.html

Co-authored-by:	gordon
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D46602

Merge commit '108164cf95d9594884c2dcccba2691335e6f221b'
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
This release incorporates the following bug fixes and mitigations:
- Fixed possible denial of service in X.509 name checks ([CVE-2024-6119])
- Fixed possible buffer overread in SSL_select_next_proto() ([CVE-2024-5535])

Release notes can be found at:
https://openssl-library.org/news/openssl-3.0-notes/index.html

Co-authored-by:	gordon
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D46602

Merge commit '108164cf95d9594884c2dcccba2691335e6f221b'
</pre>
</div>
</content>
</entry>
<entry>
<title>OpenSSL: Vendor import of OpenSSL 3.0.13</title>
<updated>2024-02-02T21:21:36+00:00</updated>
<author>
<name>Cy Schubert</name>
<email>cy@FreeBSD.org</email>
</author>
<published>2024-02-02T21:10:22+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=e0c4386e7e71d93b0edc0c8fa156263fc4a8b0b6'/>
<id>e0c4386e7e71d93b0edc0c8fa156263fc4a8b0b6</id>
<content type='text'>
 * Fixed PKCS12 Decoding crashes ([CVE-2024-0727])
 * Fixed Excessive time spent checking invalid RSA public keys
   ([CVE-2023-6237])
 * Fixed POLY1305 MAC implementation corrupting vector registers on
   PowerPC CPUs which support PowerISA 2.07 ([CVE-2023-6129])
 * Fix excessive time spent in DH check / generation with large Q
   parameter value ([CVE-2023-5678])

Release notes can be found at
            https://www.openssl.org/news/openssl-3.0-notes.html.

Approved by:	emaste
MFC after:	3 days

Merge commit '9dd13e84fa8eca8f3462bd55485aa3da8c37f54a'
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
 * Fixed PKCS12 Decoding crashes ([CVE-2024-0727])
 * Fixed Excessive time spent checking invalid RSA public keys
   ([CVE-2023-6237])
 * Fixed POLY1305 MAC implementation corrupting vector registers on
   PowerPC CPUs which support PowerISA 2.07 ([CVE-2023-6129])
 * Fix excessive time spent in DH check / generation with large Q
   parameter value ([CVE-2023-5678])

Release notes can be found at
            https://www.openssl.org/news/openssl-3.0-notes.html.

Approved by:	emaste
MFC after:	3 days

Merge commit '9dd13e84fa8eca8f3462bd55485aa3da8c37f54a'
</pre>
</div>
</content>
</entry>
</feed>
