Diffusion FreeBSD src repository aa1afb69dced

Fix multiple security issues in OpenSSL.
aa1afb69dced
Actions

Description

Fix multiple security issues in OpenSSL.

Out-of-bounds read & write in RFC 3211 KEK Unwrap (CVE-2025-9230)
Timing side-channel in SM2 algorithm on 64 bit ARM (CVE-2025-9231)
Out-of-bounds read in HTTP client no_proxy handling (CVE-2025-9232)

Obtained from: OpenSSL
Approved by: so
Security: FreeBSD-SA-25:08.openssl
Security: CVE-2025-9230
Security: CVE-2025-9231
Security: CVE-2025-9232

Details

Provenance

gordon

Authored on Sep 30 2025, 3:23 PM

Parents

rG8af6aee96ed6: virtual_oss(8): Remove floating point formats from preference list

Branches

Unknown

Tags

Unknown

Event Timeline

gordon committed rGaa1afb69dced: Fix multiple security issues in OpenSSL. (authored by gordon).Sep 30 2025, 3:23 PM

gordon mentioned this in rG4d6fd774b5b3: Fix multiple security issues in OpenSSL..Sep 30 2025, 3:26 PM

Changes (3)

Path

Size

crypto/

openssl/

crypto/

cms/

cms_pwri.c

ec/

ecp_sm2p256.c

http/

http_lib.c

rGaa1afb69dced

View Options

crypto/openssl/crypto/cms/cms_pwri.c

View Options

crypto/openssl/crypto/ec/ecp_sm2p256.c

View Options

crypto/openssl/crypto/http/http_lib.c

Fix multiple security issues in OpenSSL.aa1afb69dcedActions

Description

Details

Event Timeline

Changes (3)

rGaa1afb69dced

crypto/openssl/crypto/cms/cms_pwri.c

crypto/openssl/crypto/ec/ecp_sm2p256.c

crypto/openssl/crypto/http/http_lib.c

Fix multiple security issues in OpenSSL.
aa1afb69dced
Actions