New OpenSSL patch releases are available
OpenSSL has released the following new patch level releases, available for
download now. Notable changes for each release are as follows:
OpenSSL-3.0.14
- Fixes for various memory leaks
- Various build and behavioral fixes on VMS
- Various fixes in response to CVE-2024-4741
- Explicit setup of cpuid flags in the fips provider
- DSA size checking (CVE-2024-4603)
- Fix for an sm2 encryption implementation bug
- Addition of a linux-arm64ilp32-clang build target
- Fix unconstrained session cache growth in TLSv1.3 (CVE-2024-2511)
- Fix unbounded memory growth when using no-cached-fetch
- Add atexit configuration option to using atexit() in libcrypto at build-time
OpenSSL-3.1.6
- Fixes for various memory leaks
- Various build and behavioral fixes on VMS
- Various fixes in response to CVE-2024-4741
- Explicit setup of cpuid flags in the fips provider
- DSA size checking (CVE-2024-4603)
- Fix for an sm2 encryption implementation bug
- Addition of a linux-arm64ilp32-clang build target
- Various fixes for CVE-2024-2511
- Fix unconstrained session cache growth in TLSv1.3 (CVE-2024-2511)
- Fix unbounded memory growth when using no-cached-fetch
- Add atexit configuration option to using atexit() in libcrypto at build-time
OpenSSL-3.2.2
- Fixes for various memory leaks
- Various build and behavioral fixes on VMS
- Various fixes in response to CVE-2024-4741
- Fix race for X509 store found by thread sanitizer
- Various bug fixes to the QUIC client
- Explicit setup of cpuid flags in the fips provider
- DSA size checking (CVE-2024-4603)
- Fix for an sm2 encryption implementation bug
- Addition of a linux-arm64ilp32-clang build target
- Various fixes for CVE-2024-2511
- Fix unconstrained session cache growth in TLSv1.3 (CVE-2024-2511)
- Fix unbounded memory growth when using no-cached-fetch
- Add atexit configuration option to using atexit() in libcrypto at build-time
- Fix sm4-xts aarch64 assembly implementation bug
- Fix compilation on Windows using icc