mirror of
https://github.com/freebsd/freebsd-src
synced 2024-07-21 10:19:04 +00:00
e0c4386e7e
* Fixed PKCS12 Decoding crashes ([CVE-2024-0727])
* Fixed Excessive time spent checking invalid RSA public keys
([CVE-2023-6237])
* Fixed POLY1305 MAC implementation corrupting vector registers on
PowerPC CPUs which support PowerISA 2.07 ([CVE-2023-6129])
* Fix excessive time spent in DH check / generation with large Q
parameter value ([CVE-2023-5678])
Release notes can be found at
https://www.openssl.org/news/openssl-3.0-notes.html.
Approved by: emaste
MFC after: 3 days
Merge commit '9dd13e84fa8eca8f3462bd55485aa3da8c37f54a'
24 lines
440 B
INI
24 lines
440 B
INI
# Configuration file to test system default SSL configuration
|
|
|
|
# Comment out the next line to ignore configuration errors
|
|
config_diagnostics = 1
|
|
|
|
openssl_conf = default_conf
|
|
|
|
[ default_conf ]
|
|
|
|
ssl_conf = ssl_sect
|
|
oid_section = oid_sect
|
|
|
|
[oid_sect]
|
|
new-sig-oid = 1.1.1.1.1.1.1.1.1.1.1.1.1.1
|
|
|
|
[ssl_sect]
|
|
|
|
system_default = ssl_default_sect
|
|
|
|
[ssl_default_sect]
|
|
SignatureAlgorithms = RSA+SHA256:nonex
|
|
MaxProtocol = TLSv1.2
|
|
MinProtocol = TLSv1.2
|