chore(deps): update rust crate openssl to v0.10.78 [security]

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
openssl	dependencies	patch	0.10.75 → 0.10.78

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

rust-openssl: rustMdCtxRef::digest_final() writes past caller buffer with no length check

CVE-2026-41681 / GHSA-ghm9-cr32-g9qj

More information

Details

EVP_DigestFinal() always writes EVP_MD_CTX_size(ctx) to the out buffer. If out is smaller than that, MdCtxRef::digest_final() writes past its end, usually corrupting the stack. This is reachable from safe Rust.

Severity

• CVSS Score: 8.1 / 10 (High)
• Vector String: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

References

• https://github.com/rust-openssl/rust-openssl/security/advisories/GHSA-ghm9-cr32-g9qj
• https://github.com/rust-openssl/rust-openssl/pull/2608
• https://github.com/rust-openssl/rust-openssl/commit/826c3888b77add418b394770e2b2e3a72d9f92fe
• https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78
• https://nvd.nist.gov/vuln/detail/CVE-2026-41681
• https://github.com/advisories/GHSA-ghm9-cr32-g9qj

This data is provided by the GitHub Advisory Database (CC-BY 4.0).

---

rust-openssl: Unchecked callback length in PSK/cookie trampolines leaks adjacent memory to peer

CVE-2026-41898 / GHSA-hppc-g8h3-xhp3

More information

Details

The FFI trampolines behind SslContextBuilder::set_psk_client_callback, set_psk_server_callback, set_cookie_generate_cb, and set_stateless_cookie_generate_cb forwarded the user closure's returned usize directly to OpenSSL without checking it against the &mut [u8] that was handed to the closure. This can lead to buffer overflows and other unintended consequences.

Severity

• CVSS Score: 8.3 / 10 (High)
• Vector String: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N

References

• https://github.com/rust-openssl/rust-openssl/security/advisories/GHSA-hppc-g8h3-xhp3
• https://github.com/rust-openssl/rust-openssl/pull/2607
• https://github.com/rust-openssl/rust-openssl/commit/1d109020d98fff2fb2e45c39a373af3dff99b24c
• https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78
• https://nvd.nist.gov/vuln/detail/CVE-2026-41898
• https://github.com/advisories/GHSA-hppc-g8h3-xhp3

This data is provided by the GitHub Advisory Database (CC-BY 4.0).

---

rust-openssl has incorrect bounds assertion in aes key wrap

CVE-2026-41678 / GHSA-8c75-8mhr-p7r9

More information

Details

Summary

aes::unwrap_key() has an incorrect bounds assertion on the out buffer size, which can lead to out-of-bounds write.

Details

aes::unwrap_key() contains an incorrect assertion: it checks that out.len() + 8 <= in_.len(), but this condition is reversed. The intended invariant is out.len() >= in_.len() - 8, ensuring the output buffer is large enough.

Because of the inverted check, the function only accepts buffers at or below the minimum required size and rejects larger ones. If a smaller buffer is provided the function will write past the end of out by in_.len() - 8 - out.len() bytes, causing an out-of-bounds write from a safe public function.

Impact

Vulnerable applications using AES keywrap and allowing attacker controlled buffer sizes could have an attacker trigger an out-of-bounds write.

Severity

• CVSS Score: 7.2 / 10 (High)
• Vector String: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

References

• https://github.com/rust-openssl/rust-openssl/security/advisories/GHSA-8c75-8mhr-p7r9
• https://github.com/rust-openssl/rust-openssl/pull/2604
• https://github.com/rust-openssl/rust-openssl/commit/718d07ff8ff7be417d5b7a6a0047f1607520b3b6
• https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78
• https://nvd.nist.gov/vuln/detail/CVE-2026-41678
• https://github.com/advisories/GHSA-8c75-8mhr-p7r9

This data is provided by the GitHub Advisory Database (CC-BY 4.0).

---

rust-opennssl has an Out-of-bounds read in PEM password callback when returning an oversized length

CVE-2026-41677 / GHSA-xmgf-hq76-4vx2

More information

Details

The *_from_pem_callback APIs did not validate the length returned by the user's callback. A password callback that returns a value larger than the buffer it was given can cause some versions of OpenSSL to over-read this buffer. OpenSSL 3.x is not affected by this.

Severity

• CVSS Score: 1.7 / 10 (Low)
• Vector String: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U

References

• https://github.com/rust-openssl/rust-openssl/security/advisories/GHSA-xmgf-hq76-4vx2
• https://github.com/rust-openssl/rust-openssl/pull/2605
• https://github.com/rust-openssl/rust-openssl/commit/5af6895c907773699f37f583f409b862284062b1
• https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78
• https://nvd.nist.gov/vuln/detail/CVE-2026-41677
• https://github.com/advisories/GHSA-xmgf-hq76-4vx2

This data is provided by the GitHub Advisory Database (CC-BY 4.0).

---

rust-openssl: Deriver::derive and PkeyCtxRef::derive can overflow short buffers on OpenSSL 1.1.1

CVE-2026-41676 / GHSA-pqf5-4pqq-29f5

More information

Details

Deriver::derive (and PkeyCtxRef::derive) sets len = buf.len() and passes it as the in/out length to EVP_PKEY_derive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extract ignore the incoming *keylen, unconditionally writing the full shared secret (32/56/prime-size bytes). A caller passing a short slice gets a heap/stack overflow from safe code. OpenSSL 3.x providers do check, so this only impacts older OpenSSL.

Severity

• CVSS Score: 7.2 / 10 (High)
• Vector String: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

References

• https://github.com/rust-openssl/rust-openssl/security/advisories/GHSA-pqf5-4pqq-29f5
• https://github.com/rust-openssl/rust-openssl/pull/2606
• https://github.com/rust-openssl/rust-openssl/commit/09b425e5f59a2466d806e71a83a9a449c914c596
• https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78
• https://nvd.nist.gov/vuln/detail/CVE-2026-41676
• https://github.com/advisories/GHSA-pqf5-4pqq-29f5

This data is provided by the GitHub Advisory Database (CC-BY 4.0).

---

Release Notes

rust-openssl/rust-openssl (openssl)

v0.10.78

Compare Source

What's Changed

• Fix Suite B flag assignments in verify.rs by @​alex in #​2592
• Use cvt_p for OPENSSL_malloc error handling by @​alex in #​2593
• Mark BIO_get_mem_data on AWS-LC to be unsafe by @​alex in #​2594
• Set timeout for package installation step by @​alex in #​2595
• Panic in Crypter::new when IV is required but not provided by @​alex in #​2596
• openssl 4 support by @​reaperhulk in #​2591
• Avoid panic for overlong OIDs by @​botovq in #​2598
• Fix dangling stack pointer in custom extension add callback by @​alex in #​2599
• Add support for LibreSSL 4.3.x by @​botovq in #​2603
• fix inverted bounds assertion in AES key unwrap by @​reaperhulk in #​2604
• Reject oversized length returns from password callback trampoline by @​alex in #​2605
• Validate callback-returned lengths in PSK and cookie trampolines by @​alex in #​2607
• Error for short out in MdCtxRef::digest_final() by @​botovq in #​2608
• Check derive output buffer length on OpenSSL 1.1.x by @​alex in #​2606
• Release openssl v0.10.78 and openssl-sys v0.9.114 by @​alex in #​2609

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.77...openssl-v0.10.78

v0.10.77

Compare Source

What's Changed

• CI: Hash-pin all action usage, avoid credential persistence in actions/checkout by @​woodruffw in #​2587
• Bump aws-lc-sys to 0.39 by @​goffrie in #​2588
• md_ctx: enable sign/verify/reset on BoringSSL, LibreSSL, and AWS-LC by @​alex in #​2589
• Release openssl v0.10.77 and openssl-sys v0.9.113 by @​alex in #​2590

New Contributors

• @​woodruffw made their first contribution in #​2587

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.76...openssl-v0.10.77

v0.10.76

Compare Source

What's Changed

• feat: New methods EVP_PKEY_new_raw_*_key_ex and EVP_PKEY_is_a by @​FinnRG in #​2521
• Fix invalid value parsing of OCSP revocation reason by @​danpashin in #​2523
• Bump actions/checkout from 5 to 6 by @​dependabot[bot] in #​2524
• Bump aws-lc-sys from 0.27 to 0.34 by @​goffrie in #​2526
• Expose X509_NAME_dup on all versions of OpenSSL by @​alex in #​2529
• Unconditionally expose some *_dup() functions by @​botovq in #​2530
• reintroduce dir_name support for subject_alt_names by @​mqqz in #​2528
• Fix cipher comparison with NID instead of pointers by @​lwestlund in #​2531
• Remove ASN1_STRING_data for LibreSSL 4.3.0 by @​botovq in #​2534
• drop openssl 1.0.2 by @​alex in #​2545
• Bump actions/cache from 4 to 5 by @​dependabot[bot] in #​2542
• Add Debug implementation for EcdsaSig{,Ref} by @​buytenh in #​2540
• Add HKDF support by @​Zenkibou in #​2543
• Enhance Debug implementation for Nid by @​buytenh in #​2547
• Remove X509_VERIFY_PARAM_ID for LibreSSL 4.3.0 by @​botovq in #​2549
• Add UpperHex implementation for BigNum{,Ref} by @​buytenh in #​2550
• Add Debug implementation for EcGroup{,Ref} by @​buytenh in #​2548
• test against openssl 3.6.0 in ci by @​alex in #​2546
• Remove more OpenSSL 1.0.2 complications by @​botovq in #​2559
• Still more OpenSSL 1.0.2 complications by @​botovq in #​2560
• Remove more dead config branches by @​botovq in #​2561
• Let AWS-LC use the BoringSSL path for BIO_METHOD by @​botovq in #​2562
• Two small LibreSSL tweaks by @​botovq in #​2563
• Upgrade ctest to 0.5 by @​alex in #​2569
• add more brainpool curve NID constants by @​butteronarchbtw in #​2567
• fix min-version CI by @​alex in #​2573
• Fix use-after-free of error strings on BoringSSL/aws-lc by @​alex in #​2572
• Pin quote to 1.0.44 for min-version CI by @​alex in #​2579
• Constify from_raw by @​DarkaMaul in #​2580
• Support pregenerated Rust bindings from AWS-LC installations by @​justsmth in #​2578
• Bump aws-lc-sys to 0.38 by @​goffrie in #​2581
• Release openssl v0.10.76 and openssl-sys v0.9.112 by @​weihanglo in #​2582

New Contributors

• @​FinnRG made their first contribution in #​2521
• @​danpashin made their first contribution in #​2523
• @​mqqz made their first contribution in #​2528
• @​lwestlund made their first contribution in #​2531
• @​buytenh made their first contribution in #​2540
• @​Zenkibou made their first contribution in #​2543
• @​butteronarchbtw made their first contribution in #​2567
• @​DarkaMaul made their first contribution in #​2580
• @​weihanglo made their first contribution in #​2582

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.75...openssl-v0.10.76

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • ""
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.