Skip to content

Commit

Permalink
chore(deps) bump openssl from 1.1.1n to 1.1.1o (#8752)
Browse files Browse the repository at this point in the history 
### Summary

Fixed a bug in the c_rehash script which was not properly sanitising shell
metacharacters to prevent command injection
([CVE-2022-1292](https://www.openssl.org/news/vulnerabilities.html#CVE-2022-1292)).
  • Loading branch information
@bungle
bungle committed May 4, 2022
1 parent 0973036 commit 6163945
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 2 deletions.
2 changes: 1 addition & 1 deletion .requirements
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ KONG_LICENSE="ASL 2.0"

RESTY_VERSION=1.19.9.1
RESTY_LUAROCKS_VERSION=3.9.0
RESTY_OPENSSL_VERSION=1.1.1n
RESTY_OPENSSL_VERSION=1.1.1o
RESTY_PCRE_VERSION=8.45
RESTY_LMDB_VERSION=master
LIBYAML_VERSION=0.2.5
Expand Down
3 changes: 2 additions & 1 deletion CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -115,8 +115,9 @@

- Bumped pgmoon from 1.13.0 to 1.14.0
[#8429](https://github.com/Kong/kong/pull/8429)
- OpenSSL bumped to 1.1.1n
- OpenSSL bumped to from 1.1.1n to 1.1.1o
[#8544](https://github.com/Kong/kong/pull/8544)
[#8752](https://github.com/Kong/kong/pull/8752)
- Bumped resty.openssl from 0.8.5 to 0.8.7
[#8592](https://github.com/Kong/kong/pull/8592)
- Bumped inspect from 3.1.2 to 3.1.3
Expand Down

0 comments on commit 6163945

Please sign in to comment.