mirror of
https://git.openwrt.org/openwrt/openwrt.git
synced 2026-04-23 12:11:01 +02:00
62ea6aad47
This release incorporates the following bug fixes and mitigations: Fixed incorrect failure handling in RSA KEM RSASVE encapsulation. (CVE-2026-31790) Fixed loss of key agreement group tuple structure when the DEFAULT keyword is used in the server-side configuration of the key-agreement group list. (CVE-2026-2673) Fixed potential use-after-free in DANE client code. (CVE-2026-28387) Fixed NULL pointer dereference when processing a delta CRL. (CVE-2026-28388) Fixed possible NULL dereference when processing CMS KeyAgreeRecipientInfo. (CVE-2026-28389) Fixed possible NULL dereference when processing CMS KeyTransportRecipientInfo. (CVE-2026-28390) Fixed heap buffer overflow in hexadecimal conversion. (CVE-2026-31789) No need refresh patches Signed-off-by: Jack Sun <sunjiazheng321521@gmail.com> Link: https://github.com/openwrt/openwrt/pull/22847 Signed-off-by: Robert Marko <robimarko@gmail.com>