From e1338c784c46e606c42a4f0d89864d6afa0fd35b Mon Sep 17 00:00:00 2001
From: Adolf Belka <adolf.belka@ipfire.org>
Date: Fri, 3 Oct 2025 16:04:35 +0200
Subject: [PATCH] openssl: Update to version 3.5.4

- Update from version 3.5.1 to 3.5.4
- Update of rootfile
- Changelog
    3.5.4
	 * Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap
	   Issue summary: An application trying to decrypt CMS messages encrypted using
	   password based encryption can trigger an out-of-bounds read and write.
	   Impact summary: This out-of-bounds read may trigger a crash which leads to
	   Denial of Service for an application. The out-of-bounds write can cause
	   a memory corruption which can have various consequences including
	   a Denial of Service or Execution of attacker-supplied code.
	   The issue was reported by Stanislav Fort (Aisle Research).
	   ([CVE-2025-9230])
	 * Fix Timing side-channel in SM2 algorithm on 64 bit ARM
	   Issue summary: A timing side-channel which could potentially allow remote
	   recovery of the private key exists in the SM2 algorithm implementation on
	   64 bit ARM platforms.
	   Impact summary: A timing side-channel in SM2 signature computations on
	   64 bit ARM platforms could allow recovering the private key by an attacker.
	   The issue was reported by Stanislav Fort (Aisle Research).
	   ([CVE-2025-9231])
	 * Fix Out-of-bounds read in HTTP client no_proxy handling
	   Issue summary: An application using the OpenSSL HTTP client API functions
	   may trigger an out-of-bounds read if the "no_proxy" environment variable is
	   set and the host portion of the authority component of the HTTP URL is an
	   IPv6 address.
	   Impact summary: An out-of-bounds read can trigger a crash which leads to
	   Denial of Service for an application.
	   The issue was reported by Stanislav Fort (Aisle Research).
	   ([CVE-2025-9232])
	 * The FIPS provider no longer performs a PCT on key import for ECX keys
	   (that was introduced in 3.5.2), following the latest update
	   on that requirement in FIPS 140-3 IG 10.3.A additional comment 1.
	 * Fixed the length of the ASN.1 sequence for the SM3 digests of RSA-encrypted
	   signatures.
	 * Reverted the synthesised `OPENSSL_VERSION_NUMBER` change for the release
	   builds, as it broke some exiting applications that relied on the previous
	   3.x semantics, as documented in `OpenSSL_version(3)`.
    3.5.3
	 * Avoided a potential race condition introduced in 3.5.1, where
	   `OSSL_STORE_CTX` kept open during lookup while potentially being used
	   by multiple threads simultaneously, that could lead to potential crashes
	   when multiple concurrent TLS connections are served.
	 * The FIPS provider no longer performs a PCT on key import for RSA, DH,
	   and EC keys (that was introduced in 3.5.2), following the latest update
	   on that requirement in FIPS 140-3 IG 10.3.A additional comment 1.
	 * Secure memory allocation calls are no longer used for HMAC keys.
	 * `openssl req` no longer generates certificates with an empty extension list
	   when SKID/AKID are set to `none` during generation.
	 * The man page date is now derived from the release date provided
	   in `VERSION.dat` and not the current date for the released builds.
	 * Hardened the provider implementation of the RSA public key "encrypt"
	   operation to add a missing check that the caller-indicated output buffer
	   size is at least as large as the byte count of the RSA modulus.  The issue
	   was reported by Arash Ale Ebrahim from SYSPWN.
	   This operation is typically invoked via `EVP_PKEY_encrypt(3)`.  Callers that
	   in fact provide a sufficiently large buffer, but fail to correctly indicate
	   its size may now encounter unexpected errors.  In applications that attempt
	   RSA public encryption into a buffer that is too small, an out-of-bounds
	   write is now avoided and an error is reported instead.
	 * Added FIPS 140-3 PCT on DH key generation.
	 * Fixed the synthesised `OPENSSL_VERSION_NUMBER`.
    3.5.2
	 * The FIPS provider now performs a PCT on key import for RSA, EC and ECX.
	   This is mandated by FIPS 140-3 IG 10.3.A additional comment 1.

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 config/rootfiles/common/openssl | 2 ++
 lfs/openssl                     | 4 ++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/config/rootfiles/common/openssl b/config/rootfiles/common/openssl
index 8c154485e..5374f5e65 100644
--- a/config/rootfiles/common/openssl
+++ b/config/rootfiles/common/openssl
@@ -5530,10 +5530,12 @@ usr/lib/ossl-modules/legacy.so
 #usr/share/man/man3/SSL_POLL_EVENT_E.3ossl
 #usr/share/man/man3/SSL_POLL_EVENT_EC.3ossl
 #usr/share/man/man3/SSL_POLL_EVENT_ECD.3ossl
+#usr/share/man/man3/SSL_POLL_EVENT_EL.3ossl
 #usr/share/man/man3/SSL_POLL_EVENT_ER.3ossl
 #usr/share/man/man3/SSL_POLL_EVENT_EW.3ossl
 #usr/share/man/man3/SSL_POLL_EVENT_F.3ossl
 #usr/share/man/man3/SSL_POLL_EVENT_I.3ossl
+#usr/share/man/man3/SSL_POLL_EVENT_IC.3ossl
 #usr/share/man/man3/SSL_POLL_EVENT_IS.3ossl
 #usr/share/man/man3/SSL_POLL_EVENT_ISB.3ossl
 #usr/share/man/man3/SSL_POLL_EVENT_ISE.3ossl
diff --git a/lfs/openssl b/lfs/openssl
index c59714470..dc3f733a0 100644
--- a/lfs/openssl
+++ b/lfs/openssl
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 3.5.1
+VER        = 3.5.4
 
 THISAPP    = openssl-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -72,7 +72,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 172db56ac41cee78bcb5d2223c33d78baf3326d8d466115f39be414384d265ad4541e00096d3f53435f9f89119882ae587b20b1ac05dc2ace46a0d43d7cc6996
+$(DL_FILE)_BLAKE2 = 07e02f88af05e189385eef28599b81bd16d242130975c79df46e565a0dd92f74e59807d4770a2b3316adf08f2ca6a0dd2bfc96ab2a88a8dfb5c0d19197fe8fbf
 
 install : $(TARGET)
 
-- 
2.47.3