Opened 11 days ago

Closed 10 days ago

Last modified 10 days ago

#5644 closed enhancement (fixed)

openssl-3.4.1

Reported by: Bruce Dubbs
Owned by: lfs-book
Priority: high
Milestone: 12.3
Component: Book
Version: git
Severity: normal
Keywords:
Cc:

Description

New point version with security updates.

Changes between 3.4.0 and 3.4.1 [11 Feb 2025]

  • Fixed RFC7250 handshakes with unauthenticated servers don't abort as expected. ([CVE-2024-12797])
  • Fixed timing side-channel in ECDSA signature computation. ([CVE-2024-13176])
  • Reverted the behavior change of CMS_get1_certs() and CMS_get1_crls() that happened in the 3.4.0 release. These functions now return NULL again if there are no certs or crls in the CMS object.

Change History (3)

comment:1 by Bruce Dubbs, 10 days ago

Resolution: fixed
Status: new → closed

Fixed at commit d3abecc973:

Update to vim-9.1.1106.
Update to diffutils-3.11.
Update to libffi-3.4.7.
Update to linux-6.13.2.
Update to Python3-3.13.2.
Update to sysvinit-3.14.

comment:2 by Douglas R. Reno, 10 days ago

SA-12.2-085 issued

comment:3 by Douglas R. Reno, 10 days ago

Priority: normal → high