edk2.git - Cross-platform firmware development environment

diff options

author	Liu Wei <weix.c.liu@intel.com>	2021-03-18 21:01:36 +0800
committer	mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>	2021-03-23 05:37:56 +0000
commit	0ecdcb6142037dd1cdd08660a2349960bcf0270a (patch)
tree	2900e2e0e689edae91ab80a3c674e01ddfea7dbb /MdeModulePkg
parent	3d0df0f076e120c6faf3c1892fffa21b4f31ed84 (diff)
download	edk2-0ecdcb6142037dd1cdd08660a2349960bcf0270a.tar.gz edk2-0ecdcb6142037dd1cdd08660a2349960bcf0270a.tar.bz2 edk2-0ecdcb6142037dd1cdd08660a2349960bcf0270a.zip

CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1j

Update openssl from 1.1.1g to 1.1.1j. Current OpenSSL version 1.1.1g contains the vulnerabilities of CVE-2021-23841 and CVE-2021-23840. The related vulnerable API EVP_DecryptUpdate are used in drivers. REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3266 Besides, the opensslconf.h automatically generated by process_files.pl. Cc: Jian J Wang <jian.j.wang@intel.com> Signed-off-by: Liu Wei <weix.c.liu@intel.com> Reviewed-by: Jian J Wang <jian.j.wang@intel.com>

Diffstat (limited to 'MdeModulePkg')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: