mirror of
https://git.openwrt.org/openwrt/openwrt.git
synced 2025-11-03 12:58:41 +00:00
e99ee3ad9c
release is Moderate. This release incorporates the following bug fixes and mitigations: Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap. (CVE-2025-9230) Fix Timing side-channel in SM2 algorithm on 64 bit ARM. (CVE-2025-9231) Fix Out-of-bounds read in HTTP client no_proxy handling. (CVE-2025-9232) Reverted the synthesised OPENSSL_VERSION_NUMBER change for the release builds, as it broke some exiting applications that relied on the previous 3.x semantics, as documented in OpenSSL_version(3). Build system: x86/64 Build-tested: x86/64-glibc Run-tested: x86/64-glibc Signed-off-by: John Audia <therealgraysky@proton.me> Link: https://github.com/openwrt/openwrt/pull/20275 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>