[walnascar,1/1] openssl: upgrade 3.4.2 -> 3.4.3

Message ID	20251006081327.3653441-1-archana.polampalli@windriver.com
State	New
Headers	show Return-Path: <archana.polampalli@windriver.com> ip: 205.220.178.238, mailfrom: prvs=237466cedc=archana.polampalli@windriver.com) From: <archana.polampalli@windriver.com> To: <openembedded-core@lists.openembedded.org> Subject: [oe-core][walnascar][PATCH 1/1] openssl: upgrade 3.4.2 -> 3.4.3 Date: Mon, 6 Oct 2025 13:43:27 +0530 Message-ID: <20251006081327.3653441-1-archana.polampalli@windriver.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain
Series	[walnascar,1/1] openssl: upgrade 3.4.2 -> 3.4.3 \| expand [walnascar,1/1] openssl: upgrade 3.4.2 -> 3.4.3

Message ID

20251006081327.3653441-1-archana.polampalli@windriver.com

State

New

Headers

From: <archana.polampalli@windriver.com>
To: <openembedded-core@lists.openembedded.org>
Subject: [oe-core][walnascar][PATCH 1/1] openssl: upgrade 3.4.2 -> 3.4.3
Date: Mon, 6 Oct 2025 13:43:27 +0530
Message-ID: <20251006081327.3653441-1-archana.polampalli@windriver.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain

Series

[walnascar,1/1] openssl: upgrade 3.4.2 -> 3.4.3 | expand

Commit Message

Polampalli, Archana Oct. 6, 2025, 8:13 a.m. UTC

From: Archana Polampalli <archana.polampalli@windriver.com>

OpenSSL 3.4.3 is a security patch release. The most severe CVE fixed in this release is Moderate.
This release incorporates the following bug fixes and mitigations:
Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap. (CVE-2025-9230)
Fix Timing side-channel in SM2 algorithm on 64 bit ARM. (CVE-2025-9231)
Fix Out-of-bounds read in HTTP client no_proxy handling. (CVE-2025-9232)

Changelog:
https://github.com/openssl/openssl/blob/openssl-3.4.3/NEWS.md#openssl-34

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
 .../openssl/{openssl_3.4.2.bb => openssl_3.4.3.bb}              | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-connectivity/openssl/{openssl_3.4.2.bb => openssl_3.4.3.bb} (99%)

diff --git a/meta/recipes-connectivity/openssl/openssl_3.4.2.bb b/meta/recipes-connectivity/openssl/openssl_3.4.3.bb
similarity index 99%
rename from meta/recipes-connectivity/openssl/openssl_3.4.2.bb
rename to meta/recipes-connectivity/openssl/openssl_3.4.3.bb
index 2998e37e75..8e33d63f92 100644
--- a/meta/recipes-connectivity/openssl/openssl_3.4.2.bb
+++ b/meta/recipes-connectivity/openssl/openssl_3.4.3.bb
@@ -18,7 +18,7 @@  SRC_URI:append:class-nativesdk = " \
            file://environment.d-openssl.sh \
            "
 
-SRC_URI[sha256sum] = "17b02459fc28be415470cccaae7434f3496cac1306b86b52c83886580e82834c"
+SRC_URI[sha256sum] = "fa727ed1399a64e754030a033435003991aee36bda9a5b080995cb2ac5cf7f37"
 
 inherit lib_package multilib_header multilib_script ptest perlnative manpages
 MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"

[walnascar,1/1] openssl: upgrade 3.4.2 -> 3.4.3

Commit Message

Patch