Update dependency openssl/openssl to v3.6.0
This MR contains the following updates:
Package | Update | Change
---|---|---
openssl/openssl | minor | 3.4.1 -> 3.6.0
MR created with the help of gitlab-org/frontend/renovate-gitlab-bot
Release Notes
openssl/openssl (openssl/openssl)
v3.6.0: OpenSSL 3.6.0
OpenSSL 3.6.0 is a feature release adding significant new functionality to OpenSSL.
This release incorporates the following potentially significant or incompatible changes:
- Added NIST security categories for PKEY objects.
- Added support for `EVP_SKEY` opaque symmetric key objects to the key derivation and key exchange provider methods. Added `EVP_KDF_CTX_set_SKEY()`, `EVP_KDF_derive_SKEY()`, and `EVP_PKEY_derive_SKEY()` functions.
- Added LMS signature verification support as per [SP 800-208]. This support is present in both the FIPS and default providers.
- An ANSI-C toolchain is no longer sufficient for building OpenSSL. The code should be built using compilers supporting C-99 features.
- Support for the VxWorks platforms has been removed.
- Added an `openssl configutl` utility for processing the OpenSSL configuration file and dumping the equal configuration file.
- Added support for FIPS 186-5 deterministic ECDSA signature generation to the FIPS provider.
- Deprecated `EVP_PKEY_ASN1_METHOD`-related functions.
v3.5.4
- Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap
  Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write.
  Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a memory corruption which can have various consequences including a Denial of Service or Execution of attacker-supplied code.
  The issue was reported by Stanislav Fort (Aisle Research).
  ([CVE-2025-9230])
  Viktor Dukhovni
- Fix Timing side-channel in SM2 algorithm on 64 bit ARM
  Issue summary: A timing side-channel which could potentially allow remote recovery of the private key exists in the SM2 algorithm implementation on 64 bit ARM platforms.
  Impact summary: A timing side-channel in SM2 signature computations on 64 bit ARM platforms could allow recovering the private key by an attacker.
  The issue was reported by Stanislav Fort (Aisle Research).
  ([CVE-2025-9231])
  Stanislav Fort and Tomáš Mráz
- Fix Out-of-bounds read in HTTP client no_proxy handling
  Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the "no_proxy" environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address.
  Impact summary: An out-of-bounds read can trigger a crash which leads to Denial of Service for an application.
  The issue was reported by Stanislav Fort (Aisle Research).
  ([CVE-2025-9232])
  Stanislav Fort
v3.5.3
- Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap
  Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write.
  Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a memory corruption which can have various consequences including a Denial of Service or Execution of attacker-supplied code.
  The issue was reported by Stanislav Fort (Aisle Research).
  ([CVE-2025-9230])
  Viktor Dukhovni
- Fix Timing side-channel in SM2 algorithm on 64 bit ARM
  Issue summary: A timing side-channel which could potentially allow remote recovery of the private key exists in the SM2 algorithm implementation on 64 bit ARM platforms.
  Impact summary: A timing side-channel in SM2 signature computations on 64 bit ARM platforms could allow recovering the private key by an attacker.
  The issue was reported by Stanislav Fort (Aisle Research).
  ([CVE-2025-9231])
  Stanislav Fort and Tomáš Mráz
- Fix Out-of-bounds read in HTTP client no_proxy handling
  Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the "no_proxy" environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address.
  Impact summary: An out-of-bounds read can trigger a crash which leads to Denial of Service for an application.
  The issue was reported by Stanislav Fort (Aisle Research).
  ([CVE-2025-9232])
  Stanislav Fort
v3.5.2
- Avoided a potential race condition introduced in 3.5.1, where `OSSL_STORE_CTX` was kept open during lookup while potentially being used by multiple threads simultaneously, which could lead to potential crashes when multiple concurrent TLS connections are served.
  Matt Caswell
- The FIPS provider no longer performs a PCT on key import for RSA, DH, and EC keys (that was introduced in 3.5.2), following the latest update on that requirement in FIPS 140-3 IG 10.3.A additional comment 1.
  Dr Paul Dale
- Secure memory allocation calls are no longer used for HMAC keys.
  Dr Paul Dale
- `openssl req` no longer generates certificates with an empty extension list when SKID/AKID are set to `none` during generation.
  David Benjamin
- The man page date is now derived from the release date provided in `VERSION.dat` and not the current date for the released builds.
  Enji Cooper
- Hardened the provider implementation of the RSA public key "encrypt" operation to add a missing check that the caller-indicated output buffer size is at least as large as the byte count of the RSA modulus. The issue was reported by Arash Ale Ebrahim from SYSPWN.
  This operation is typically invoked via `EVP_PKEY_encrypt(3)`. Callers that in fact provide a sufficiently large buffer, but fail to correctly indicate its size, may now encounter unexpected errors. In applications that attempt RSA public encryption into a buffer that is too small, an out-of-bounds write is now avoided and an error is reported instead.
  Viktor Dukhovni
- Added FIPS 140-3 PCT on DH key generation.
  Nikola Pajkovsky
- Fixed the synthesised `OPENSSL_VERSION_NUMBER`.
  Richard Levitte
v3.5.1
- The FIPS provider now performs a PCT on key import for RSA, EC and ECX. This is mandated by FIPS 140-3 IG 10.3.A additional comment 1.
  Dr Paul Dale
v3.5.0
- Fix x509 application adds trusted use instead of rejected use.
  Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate.
  Impact summary: If a user intends to make a trusted certificate rejected for a particular use it will be instead marked as trusted for that use.
  ([CVE-2025-4575])
  Tomas Mraz
- Aligned the behaviour of TLS and DTLS in the event of a no_renegotiation alert being received. Older versions of OpenSSL failed with DTLS if a no_renegotiation alert was received. All versions of OpenSSL do this for TLS. From 3.2 a bug was exposed that meant that DTLS ignored no_renegotiation. We have now restored the original behaviour and brought DTLS back into line with TLS.
  Matt Caswell
v3.4.3: OpenSSL 3.4.3
OpenSSL 3.4.3 is a security patch release. The most severe CVE fixed in this release is Moderate.
This release incorporates the following bug fixes and mitigations:
- Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap. (CVE-2025-9230)
- Fix Timing side-channel in SM2 algorithm on 64 bit ARM. (CVE-2025-9231)
- Fix Out-of-bounds read in HTTP client no_proxy handling. (CVE-2025-9232)
v3.4.2
- When displaying distinguished names in the openssl application, escape control characters by default.
  Tomáš Mráz
Configuration
- If you want to rebase/retry this MR, check this box
This MR has been generated by Renovate Bot.