openssl: update to 3.0.9
authorIvan Pavlov <AuthorReflex@gmail.com>
Sun, 4 Jun 2023 19:34:39 +0000 (22:34 +0300)
committerHauke Mehrtens <hauke@hauke-m.de>
Fri, 9 Jun 2023 11:36:21 +0000 (13:36 +0200)
commite1d59497e9d0104388a58ceda770afcc087a6c37
treee04edbc99f3f6efc8dddebc2ec40f9f88730b741
parentc78ba8a69562fed73a409000a3d541ea7fa2a821
openssl: update to 3.0.9

CVE-2023-2650 fix
Remove upstreamed patches

Major changes between OpenSSL 3.0.8 and OpenSSL 3.0.9 [30 May 2023]
 * Mitigate for very slow OBJ_obj2txt() performance with gigantic OBJECT IDENTIFIER sub-identities. (CVE-2023-2650)
 * Fixed buffer overread in AES-XTS decryption on ARM 64 bit platforms (CVE-2023-1255)
 * Fixed documentation of X509_VERIFY_PARAM_add0_policy() (CVE-2023-0466)
 * Fixed handling of invalid certificate policies in leaf certificates (CVE-2023-0465)
 * Limited the number of nodes created in a policy tree (CVE-2023-0464)

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
(cherry picked from commit 6348850f10545aac70db94d3a9555a4f2eb84281)
package/libs/openssl/Makefile
package/libs/openssl/patches/120-strip-cflags-from-binary.patch
package/libs/openssl/patches/200-x509-excessive-resource-use-verifying-policy-constra.patch [deleted file]
package/libs/openssl/patches/210-Ensure-that-EXFLAG_INVALID_POLICY-is-checked-even-in.patch [deleted file]
package/libs/openssl/patches/220-aesv8-armx.pl-Avoid-buffer-overrread-in-AES-XTS-decr.patch [deleted file]