openssl: update to 3.5.6

This release incorporates the following bug fixes and mitigations: Fixed incorrect failure handling in RSA KEM RSASVE encapsulation. (CVE-2026-31790) Fixed loss of key agreement group tuple structure when the DEFAULT keyword is used in the server-side configuration of the key-agreement group list. (CVE-2026-2673) Fixed potential use-after-free in DANE client code. (CVE-2026-28387) Fixed NULL pointer dereference when processing a delta CRL. (CVE-2026-28388) Fixed possible NULL dereference when processing CMS KeyAgreeRecipientInfo. (CVE-2026-28389) Fixed possible NULL dereference when processing CMS KeyTransportRecipientInfo. (CVE-2026-28390) Fixed heap buffer overflow in hexadecimal conversion. (CVE-2026-31789) No need refresh patches Signed-off-by: Jack Sun <sunjiazheng321521@gmail.com> Link: https://github.com/openwrt/openwrt/pull/22847 Signed-off-by: Robert Marko <robimarko@gmail.com>
2026-04-08 21:15:24 +08:00 · 2026-04-08 21:15:24 +08:00 · 62ea6aad47
commit 62ea6aad47
parent 901ca8213c
1 changed files with 2 additions and 2 deletions
--- a/package/libs/openssl/Makefile
+++ b/package/libs/openssl/Makefile
@ -8,7 +8,7 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=openssl
-PKG_VERSION:=3.5.5
+PKG_VERSION:=3.5.6
 PKG_RELEASE:=1
 PKG_BUILD_FLAGS:=no-mips16 gc-sections no-lto

@ -21,7 +21,7 @@ PKG_SOURCE_URL:= \
 	https://www.openssl.org/source/old/$(PKG_BASE)/ \
 	https://github.com/openssl/openssl/releases/download/$(PKG_NAME)-$(PKG_VERSION)/

-PKG_HASH:=b28c91532a8b65a1f983b4c28b7488174e4a01008e29ce8e69bd789f28bc2a89
+PKG_HASH:=deae7c80cba99c4b4f940ecadb3c3338b13cb77418409238e57d7f31f2a3b736

 PKG_LICENSE:=Apache-2.0
 PKG_LICENSE_FILES:=LICENSE.txt