
chore: update dependencies#438

Draft
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/dependencies

Conversation


@renovate renovate Bot commented Mar 5, 2025


Update Request | Renovate Bot

This PR contains the following updates:

Package                                                        Update  Change
curl/curl                                                      minor   8_20_0 -> 8_21_0
git://git.kernel.org/pub/scm/utils/util-linux/util-linux.git   patch   2.42.1 -> 2.42.2
git://git.savannah.gnu.org/libtool.git                         minor   2.5.4 -> 2.6.1
https://gitlab.kitware.com/cmake/cmake.git                     patch   4.3.3 -> 4.3.4
libffi/libffi                                                  minor   3.5.2 -> 3.6.0
llvm/llvm-project                                              patch   22.1.7 -> 22.1.8
openssl/openssl                                                major   3.6.3 -> 4.0.1
pkgconf/pkgconf                                                minor   2.5.1 -> 2.9.90

Release Notes

curl/curl (curl/curl)

v8_21_0: 8.21.0

Compare Source

changelog
release blog

cmake/cmake (https://gitlab.kitware.com/cmake/cmake.git)

v4.3.4

Compare Source

libffi/libffi (libffi/libffi)

v3.6.0: libffi 3.6.0

Compare Source

Add LoongArch32 support.
Add RISC-V static trampoline support.
Add aarch64 GCS (Guarded Control Stack) support.
Add aarch64 feature build attribute support.
Add ppc64le ELFv2 complex type support.
Add conditional target support for __int128.
Add x86_64 IEEE binary128 long double support (e.g. x86_64 Android).
Update bundled dlmalloc to upstream 2.8.6.
Fix closures using FFI_REGISTER ABI.
Fix SH linker errors with USER_LABEL_PREFIX.
Fix compilation for ARM Windows targets.
Fix compilation for Cortex-A53.
Fix test compilation for some Android platforms.
Fix x86 ASAN compatibility for win64.
Fix clang -Werror-semi builds on riscv, or1k, loongarch.
Fix NULL deref in dlmalloc sys_trim on heap corruption.
Fix ThreadSanitizer data race in dlmalloc mparams init (#​873).
Define WIN32_LEAN_AND_MEAN before including windows.h.
Fix comments that trip up some toolchains.

llvm/llvm-project (llvm/llvm-project)

v22.1.8: LLVM 22.1.8

Compare Source

LLVM 22.1.8 Release

Download links for common platforms will appear above once builds have completed, if they are available. Check the full list of release packages at the bottom of this release page if you do not find a link above.

If you do not find a release package for your platform, you may be able to find a community built package on the LLVM Discourse forum thread for this release. Remember that these are built by volunteers and may not always be available. If you rely on a platform or configuration that is not one of the defaults, we suggest you use the binaries that your platform provides, or build your own release packages.

Package Types

Each platform has one binary release package. The file name starts with either LLVM- or clang+llvm- and ends with the platform's name. For example, LLVM-22.1.8-Linux-ARM64.tar.xz contains LLVM binaries for Arm64 Linux.

Except for Windows, where LLVM-*.exe is an installer intended for using LLVM as a toolchain and the clang+llvm- archive contains the contents of the installer, plus libraries and tools not normally used in a toolchain. You most likely want the LLVM- installer, unless you are developing software which itself uses LLVM, in which case choose clang+llvm-.

In addition, source archives are available:

  • To get all the llvm-project source code for this release, choose llvm-project-22.1.8.src.tar.xz.
  • test-suite-22.1.8.src.tar.xz is an archive of the LLVM Test Suite for this release.

Verifying Packages

All packages come with a matching .sig and/or .jsonl file. You should use these to verify the integrity of the packages.

If it has a .sig file, it should have been signed by the release managers using GPG. Download the keys from the LLVM website, import them into your keyring and use them to verify the file:

$ gpg --import release-keys.asc
$ gpg --verify <package file name>.sig <package file name>

If it has a .jsonl file, use gh to verify the package:

$ gh attestation verify --repo llvm/llvm-project <package file name>
(if you are able to connect to GitHub)
$ gh attestation verify --repo llvm/llvm-project <package file name> --bundle <package file name>.jsonl
(using attestation file on disk)
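
The two verification paths above (detached GPG signature, or Sigstore attestation bundle checked offline with --bundle) combined into one fail-closed routine. This is an added example, not LLVM's own tooling: it assumes `gpg --import release-keys.asc` has already been run, that the proof files sit beside the package with the `.sig` / `.jsonl` suffixes the notes describe, and it takes a `run` callable (hypothetical injection point, defaulting to subprocess) so the decision logic can be exercised without the real tools. Any proof that is present must pass, and a package with no proof at all is rejected rather than silently accepted.

```python
"""Fail-closed verification of a downloaded LLVM release package.

Added example, not part of the LLVM release notes or the llvm-project repo.
Assumes the release keys were imported beforehand (gpg --import release-keys.asc).
"""
import subprocess
from pathlib import Path
from typing import Callable, List

# A runner takes an argv list and returns the process exit status.
Runner = Callable[[List[str]], int]


def _run(cmd: List[str]) -> int:
    """Default runner: execute the command and return its exit status."""
    return subprocess.run(cmd, check=False).returncode


def verify_release_package(pkg: str, repo: str = "llvm/llvm-project",
                           run: Runner = _run) -> str:
    """Verify <pkg> with every proof found beside it.

    Returns "gpg", "attestation" or "gpg+attestation" naming the proofs that
    passed. Raises FileNotFoundError if the package is missing and
    RuntimeError if a present proof fails or if no proof exists at all.
    """
    path = Path(pkg)
    if not path.is_file():
        raise FileNotFoundError(f"package not found: {pkg}")

    sig = path.with_name(path.name + ".sig")       # detached GPG signature
    bundle = path.with_name(path.name + ".jsonl")  # Sigstore attestation bundle
    passed: List[str] = []

    if sig.is_file():
        # gpg --verify <package>.sig <package>
        if run(["gpg", "--verify", str(sig), str(path)]) != 0:
            raise RuntimeError(f"GPG signature check failed for {pkg}")
        passed.append("gpg")

    if bundle.is_file():
        # --bundle reads the attestation from disk, so no GitHub connection is needed
        if run(["gh", "attestation", "verify", "--repo", repo, str(path),
                "--bundle", str(bundle)]) != 0:
            raise RuntimeError(f"attestation check failed for {pkg}")
        passed.append("attestation")

    if not passed:
        # Fail closed: an unverifiable package is treated as untrusted.
        raise RuntimeError(f"no .sig or .jsonl found beside {pkg}; refusing to trust it")
    return "+".join(passed)


if __name__ == "__main__":
    import sys
    for p in sys.argv[1:]:
        print(p, "verified via", verify_release_package(p))
```

Run it as `python3 verify_llvm.py LLVM-22.1.8-Linux-ARM64.tar.xz` with the package and its `.sig` or `.jsonl` in the same directory; a non-zero exit from either tool, or the absence of both proof files, aborts with an exception instead of returning success.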
openssl/openssl (openssl/openssl)

v4.0.1

Compare Source

  • Add client-side validation for TLS 1.3 session ticket lifetimes.

    In accordance with RFC 8446 Section 4.6.1,
    TLS 1.3 clients must not cache session tickets
    for longer than 7 days (604800 seconds).
    When processing a new session ticket message with a
    ticket_lifetime_hint value greater than 7 days,
    the client now caps the lifetime to the
    maximum permitted value of 7 days (604800 seconds).

    Abel Thomas

v4.0.0

Compare Source

  • Fixed heap use-after-free in PKCS7_verify().

    Severity: High

    Issue summary: A specially crafted PKCS#7 or S/MIME signed message could
    trigger a use-after-free during PKCS#7 signature verification.

    Impact summary: A use-after-free may result in process crashes, heap
    corruption, or, potentially, remote code execution.

    Reported by: Thai Duong (Calif.io in collaboration with Claude
    and Anthropic Research).

    ([CVE-2026-45447])

    Igor Ustinov

  • Fixed CMS AuthEnvelopedData processing may accept forged messages.

    Severity: Moderate

    Issue Summary: Cryptographic Message Services (CMS) processing fails
    to perform sufficient input validation on the cipher and tag length fields
    of AuthEnvelopedData containers, leading to various potential compromises.

    Impact Summary: Attackers making use of these vulnerabilities may achieve
    key-equivalent functionality for a given CMS recipient and/or bypass
    integrity validation for a given message.

    Reported by: Asim Viladi Oglu Manizada, Alex Gaynor (Anthropic),
    Ying Dong, and Haiyang Huang.

    ([CVE-2026-34182])

    Neil Horman

  • Fixed unbounded memory growth in the QUIC PATH_CHALLENGE handler.

    Severity: Moderate

    Issue summary: Remote peer may exhaust heap memory of the QUIC server
    or client by flooding it with packets containing PATH_CHALLENGE frames.

    Impact summary: A malicious remote peer can cause an unbounded memory
    allocation which can lead to an abnormal termination of the application
    acting as a QUIC client or server and a Denial of Service.

    Reported by: Abhinav Agarwal.

    ([CVE-2026-34183])

    Abhinav Agarwal and Alexandr Nedvedicky

  • Fixed double-free when checking OCSP stapled response.

    Severity: Moderate

    Issue summary: A malicious server can exploit TLS OCSP stapling by delivering
    a crafted response through the status_request extension, triggering
    a double-free in the client's certificate verification path.

    Impact summary: Successful exploitation allows an attacker to corrupt heap
    memory via a double-free, potentially leading to a Denial of Service
    or possibly an attacker controlled code execution or other undefined
    behavior.

    Reported by: Wang Kenaz (University of Illinois),
    Guido Vranken (Aisle Research), and Aaron Grattafiori (Nvidia).

    ([CVE-2026-35188])

    Daniel Kubec

  • Fixed NULL pointer dereference in QUIC server initial packet handling.

    Severity: Moderate

    Issue summary: Receiving a QUIC initial packet with an invalid token
    may trigger a NULL pointer dereference in the OpenSSL QUIC server
    with address validation disabled.

    Impact summary: NULL pointer dereference typically causes abnormal
    termination of the affected QUIC server process and a Denial of Service.

    Reported by: Sunwoo Lee (KENTECH), Hyuk Lim (KENTECH),
    and Seunghyun Yoon (KENTECH).

    ([CVE-2026-42764])

    Sunwoo Lee (KENTECH), Hyuk Lim (KENTECH), and Seunghyun Yoon (KENTECH)

  • Fixed AES-OCB IV ignored on EVP_Cipher() path.

    Severity: Moderate

    Issue summary: When an application drives an AES-OCB context through
    the public EVP_Cipher() one-shot interface, the application-supplied
    initialisation vector (IV) is silently discarded.

    Impact summary: Every message encrypted under the same key uses the same
    effective nonce regardless of the IV supplied by the caller, resulting
    in (key, nonce) reuse and loss of confidentiality. If the same code path
    is used to compute the authentication tag, the tag depends only
    on the (key, IV) pair and not on the plaintext or ciphertext, allowing
    universal forgery of arbitrary ciphertext from a single captured message.

    Reported by: Alex Gaynor (Anthropic).

    ([CVE-2026-45445])

    Viktor Dukhovni

  • Fixed possible heap buffer overflow in ASN.1 multibyte string conversion.

    Severity: Low

    Issue summary: A signed integer overflow when sizing the destination
    buffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap
    buffer overflow.

    Impact summary: A heap buffer overflow may lead to a crash or possibly
    attacker controlled code execution or other undefined behaviour.

    Reported by: Zehua Qiao and Jinwen He.

    ([CVE-2026-7383])

    Viktor Dukhovni

  • Fixed out-of-bounds read in CMS password-based decryption.

    Severity: Low

    Issue summary: When CMS password-based decryption ([RFC 3211]/PWRI key
    unwrap) processes attacker-supplied CMS data, an attacker-chosen stream-mode
    KEK cipher can trigger a heap out-of-bounds read in kek_unwrap_key().

    Impact summary: A heap buffer over-read may trigger a crash, which leads
    to Denial of Service for an application if the input buffer ends at a memory
    page boundary and the following page is unmapped. There is no information
    disclosure, as the over-read bytes are not revealed to the attacker.

    Reported by: Bhabani Sankar Das and Haruki Oyama (Waseda University).

    ([CVE-2026-9076])

    Nikola Pajkovský

  • Fixed heap buffer over-read in ASN.1 content parsing.

    Severity: Low

    Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive
    element whose content exceeds 2 gigabytes in length may cause a heap buffer
    over-read on 64-bit Unix and Unix-like platforms.

    Impact summary: The heap buffer over-read may crash the application (Denial
    of Service) or load into the decoded ASN.1 object the contents of memory
    beyond the end of the input buffer. More typically, such ASN.1 elements
    would instead be truncated.

    Reported by: Frank Buss.

    ([CVE-2026-34180])

    Viktor Dukhovni

  • Fixed PKCS#12 files with PBMAC1 are accepted with short HMAC keys.

    Severity: Low

    Issue Summary: The PKCS#12 file processing fails to perform sufficient input
    validation for files that use Password-Based Message Authentication Code 1
    (PBMAC1) integrity mechanism allowing a certificate and private key forgery.

    Impact Summary: An attacker impersonating a user can cause a service reading
    PKCS#12 files to accept forged certificates and private keys with a 1 in 256
    probability.

    Reported by: Pavol Žáčik (Red Hat) and Alex Gaynor (Anthropic).

    ([CVE-2026-34181])

    Alicja Kario (Red Hat)

  • Fixed NULL dereference in certificate verification with OCSP Checking.

    Severity: Low

    Issue summary: When a partial-chain certificate verification is enabled
    together with OCSP response checking for the whole chain, a NULL dereference
    will happen if the verified chain does not have a self-signed trusted anchor,
    crashing the process.

    Impact summary: A NULL pointer dereference can trigger a crash which leads
    to a Denial of Service for an application.

    Reported by: Joshua Rogers (Aisle Research).

    ([CVE-2026-42765])

    Joshua Rogers (Aisle Research) and Daniel Kubec

  • Fixed possible NULL dereference in password-based CMS decryption.

    Severity: Low

    Issue summary: A specially crafted password-encrypted CMS message
    could trigger a NULL pointer dereference during CMS decryption.

    Impact summary: This NULL pointer dereference could lead to an application
    crash and a Denial of Service.

    Reported by: Mayank Jangid, Kushal Khemka, Hari Priandana,
    Bhabani Sankar Das, and Qifan Zhang (Palo Alto Networks).

    ([CVE-2026-42766])

    Igor Ustinov

  • Fixed NULL pointer dereference in CRMF EncryptedValue decryption.

    Severity: Low

    Issue summary: An attacker-controlled CMP (Certificate Management Protocol)
    server could trigger a NULL pointer dereference in a CMP client application.

    Impact summary: A NULL pointer dereference could cause a crash
    of the application and a Denial of Service.

    Reported by: Zhanpeng Liu (Tencent Xuanwu Lab),
    Guannan Wang (Tencent Xuanwu Lab), and Guancheng Li (Tencent Xuanwu Lab).

    ([CVE-2026-42767])

    Igor Ustinov

  • Fixed multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt()
    and PKCS7_decrypt().

    Severity: Low

    Issue summary: The CMS_decrypt() and PKCS7_decrypt() functions
    are vulnerable to Bleichenbacher-style attack when an attacker is able
    to provide CMS or S/MIME messages and observe the error code
    and/or decryption output.

    Impact summary: The Bleichenbacher-style attack allows an attacker to use
    the victim's vulnerable application as a way to decrypt or sign messages
    with the victim's private RSA key.

    Reported by: Alex Gaynor (Anthropic).

    ([CVE-2026-42768])

    Dmitry Belyavskiy (Red Hat) and Alicja Kario (Red Hat)

  • Fixed trust anchor substitution via cert/issuer typo in CMP
    rootCaKeyUpdate.

    Severity: Low

    Issue Summary: An error in the callback used to verify the certificate
    provided in a Root CA key update Certificate Management Protocol (CMP)
    message response rendered the certificate validation ineffectual,
    which could lead to escalation of credentials from the Registration
    Authority (RA) level to the root Certification Authority (root CA) level.

    Impact Summary: The Registration Authority could replace the root CA
    certificate for the CMP clients with an arbitrary root CA certificate.

    Reported by: Alex Gaynor (Anthropic).

    ([CVE-2026-42769])

    Alex Gaynor (Anthropic) and Bob Beck

  • Fixed FFC-DH peer validation uses attacker-supplied q.

    Severity: Low

    Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42)
    peer key, the peer key is not properly checked for the subgroup membership.

    Impact summary: A malicious peer which presents an X9.42 key carrying
    the victim's p and g parameters, a forged q = r (a small prime factor
    of the cofactor (p − 1)/q_local), and a public value Y of order r can
    recover the victim's private key after a small number of key exchange
    attempts.

    Reported by: Alex Gaynor (Anthropic).

    ([CVE-2026-42770])

    Alex Gaynor (Anthropic), Viktor Dukhovni, and Norbert Pócs
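
The subgroup check the entry above is about, worked through on a constructed toy group so the arithmetic is visible. This is an added example, not OpenSSL code. The group is constructed for illustration: p = 461 is prime, p − 1 = 2² · 5 · 23, the intended subgroup order is q_local = 23, and the cofactor (p − 1)/q_local = 20 has the small prime factor r = 5. The check itself is the full public-key validation from NIST SP 800-56A: 2 ≤ Y ≤ p − 2 and Y^q mod p = 1, evaluated with the local q. The example shows that a public value of order r passes when the peer's own q = r is used and is rejected when the local q is used; the honest peer's private exponent 7 is likewise constructed.

```python
"""Why FFC-DH peer validation must use the local q, not a peer-supplied one.

Added example (not OpenSSL's implementation). Toy group, constructed for
illustration: P = 461 is prime, P - 1 = 2^2 * 5 * 23.
"""

P = 461         # prime modulus
Q_LOCAL = 23    # order of the intended subgroup
R = 5           # small prime factor of the cofactor (P - 1) // Q_LOCAL == 20


def element_of_order(p: int, order: int, h: int = 2) -> int:
    """Return h^((p-1)/order) mod p. For prime `order` and a result != 1 the
    element has order exactly `order` (Lagrange)."""
    y = pow(h, (p - 1) // order, p)
    assert y != 1, "choose a different base h"
    return y


G = element_of_order(P, Q_LOCAL)  # generator of the order-23 subgroup (== 262)


def validate_peer_public(p: int, q: int, y: int) -> bool:
    """Full public-key validation for FFC DH: range check plus subgroup
    membership, i.e. y^q mod p == 1. Correct only when q is *our* q."""
    if not (2 <= y <= p - 2):
        return False
    return pow(y, q, p) == 1


def validate_peer_key(peer_p: int, peer_g: int, peer_q: int, peer_y: int,
                      local_p: int = P, local_g: int = G,
                      local_q: int = Q_LOCAL) -> bool:
    """What a careful implementation does: the peer's domain parameters must
    equal ours exactly (including q), and the public value is validated
    against the local q. A peer-supplied q is never used for the check."""
    if (peer_p, peer_g) != (local_p, local_g):
        return False
    if peer_q != local_q:
        # A mismatched q is exactly the forged-q case in the advisory.
        return False
    return validate_peer_public(local_p, local_q, peer_y)


def demo() -> dict:
    honest_y = pow(G, 7, P)            # honest peer, constructed private exponent 7
    small_y = element_of_order(P, R)   # a public value of order R = 5 (== 88)
    return {
        "honest_valid_under_local_q": validate_peer_public(P, Q_LOCAL, honest_y),
        # Checking Y against the peer's own q = R wrongly accepts the small-order value.
        "small_order_valid_under_forged_q": validate_peer_public(P, R, small_y),
        # Checking against the local q rejects it: 88^23 mod 461 != 1.
        "small_order_valid_under_local_q": validate_peer_public(P, Q_LOCAL, small_y),
        "full_check_rejects_forged_params": validate_peer_key(P, G, R, small_y),
        "full_check_accepts_honest": validate_peer_key(P, G, Q_LOCAL, honest_y),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The point the numbers make: with Y = 88 the peer-supplied q = 5 satisfies 88^5 ≡ 1 (mod 461), so a validator that trusts the peer's q sees a well-formed key, while 88^23 mod 461 ≠ 1 exposes it under the local q. Comparing the peer's q with the local q before any exponentiation closes the gap outright.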

  • Fixed possible out of bounds read in X509_VERIFY_PARAM_set1_email().

    Severity: Low

    Issue summary: When X509_VERIFY_PARAM_set1_email() is called
    by an application to validate a crafted e-mail address, such as during
    S/MIME message validation, an out of bounds read can happen.

    Impact summary: This out of bounds read will not directly exfiltrate
    the data read to the attacker, so, the most likely result is a crash
    and a Denial of Service.

    Reported by: TrendAI Zero Day Initiative.

    ([CVE-2026-42771])

    Bob Beck

  • Fixed incorrect tag processing for empty messages in AES-GCM-SIV
    and AES-SIV modes.

    Severity: Low

    Issue summary: The implementations of AES-SIV ([RFC 5297]) and AES-GCM-SIV
    ([RFC 8452]) mishandle the authentication of AAD (Additional Authenticated
    Data) with an empty ciphertext, allowing forgery of such messages.

    Impact summary: An attacker can forge empty messages with arbitrary AAD
    to the victim's application using these ciphers.

    Reported by: Alex Gaynor (Anthropic).

    ([CVE-2026-45446])

    Dmitry Belyavskiy (Red Hat)

  • Fixed a regression introduced in 4.0.0 that led to a openssl pkey
    command crash when it was invoked to encrypt a private key with password
    being provided interactively.

    Viktor Dukhovni

  • Fixed a regression introduced in 4.0.0 that led to openssl s_client -adv
    command prematurely terminating a session when reading input of 16384 bytes
    in one read() call.

    Eugene Syromiatnikov

  • Fixed TLS 1.3 server not sending NewSessionTicket message
    after ciphersuite mismatch.

    Daniel Kubec

  • Implemented validation of the minimal length of PSK identity
    being of at least one byte long, as required per [RFC 8446].

    Matt Caswell

  • Fixed usage of stale application buffer pointer by kTLS implementation
    after incomplete writes when SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER is set,
    that led to invalid memory reads and sending of incorrect data.

    Ilya Maximets

pkgconf/pkgconf (pkgconf/pkgconf)

v2.9.90

Compare Source


Configuration

📅 Schedule: (UTC)

  • Branch creation
    • Between 12:00 AM and 03:59 AM, only on Monday (* 0-3 * * 1)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@github-project-automation github-project-automation Bot moved this to To Do in Planning Mar 5, 2025
@talos-bot talos-bot moved this from To Do to In Review in Planning Mar 5, 2025
@smira smira removed this from Planning Mar 5, 2025
@renovate renovate Bot changed the title chore: update dependencies chore: update dependency git://git.kernel.org/pub/scm/utils/kernel/kmod/kmod.git to v34 Mar 5, 2025
@renovate renovate Bot force-pushed the renovate/dependencies branch 2 times, most recently from 1d5ed39 to b460bd6 Compare March 7, 2025 10:49
@renovate renovate Bot changed the title chore: update dependency git://git.kernel.org/pub/scm/utils/kernel/kmod/kmod.git to v34 chore: update dependencies Mar 7, 2025
@renovate renovate Bot force-pushed the renovate/dependencies branch 4 times, most recently from 4274135 to ff37e3d Compare March 14, 2025 23:26
@renovate renovate Bot force-pushed the renovate/dependencies branch 2 times, most recently from 8f606c5 to 7a78a37 Compare March 21, 2025 10:11
@renovate renovate Bot changed the title chore: update dependencies chore: update dependency swig/swig to v4.3.0 Mar 21, 2025
@renovate renovate Bot force-pushed the renovate/dependencies branch from 7a78a37 to 6afeb46 Compare March 21, 2025 12:12
@renovate renovate Bot changed the title chore: update dependency swig/swig to v4.3.0 chore: update dependencies Mar 21, 2025
@renovate renovate Bot force-pushed the renovate/dependencies branch 2 times, most recently from d0c7eed to 5dd4665 Compare March 26, 2025 08:03
@renovate renovate Bot force-pushed the renovate/dependencies branch 5 times, most recently from 21dffca to 3e5cc30 Compare April 4, 2025 08:02
@renovate renovate Bot force-pushed the renovate/dependencies branch 5 times, most recently from 9e4e461 to 50b1227 Compare April 10, 2025 19:25
@renovate renovate Bot force-pushed the renovate/dependencies branch from 50b1227 to 6f25a6c Compare April 12, 2025 19:44
@renovate renovate Bot force-pushed the renovate/dependencies branch 2 times, most recently from 7d27edc to 2d246a1 Compare May 15, 2025 11:13
@renovate renovate Bot force-pushed the renovate/dependencies branch from 2d246a1 to fa24ade Compare May 24, 2025 11:59
@renovate renovate Bot force-pushed the renovate/dependencies branch 4 times, most recently from e911e58 to 45f5a9b Compare June 6, 2025 10:50
@renovate renovate Bot force-pushed the renovate/dependencies branch 3 times, most recently from 80f9be9 to 368bed7 Compare June 15, 2025 07:57
@renovate renovate Bot force-pushed the renovate/dependencies branch from 368bed7 to 1e32b7e Compare June 28, 2025 08:11
@renovate renovate Bot force-pushed the renovate/dependencies branch 3 times, most recently from e29bbcf to 22d416a Compare July 8, 2025 19:49
@renovate renovate Bot force-pushed the renovate/dependencies branch 4 times, most recently from 62e43ac to 7c60459 Compare July 16, 2025 14:09
@renovate renovate Bot force-pushed the renovate/dependencies branch from 7c60459 to df0fcb8 Compare July 27, 2025 16:00
@renovate renovate Bot force-pushed the renovate/dependencies branch 4 times, most recently from 61fd535 to 777ba2e Compare August 7, 2025 12:34
@renovate renovate Bot force-pushed the renovate/dependencies branch 4 times, most recently from 5ce8a27 to f5f2e7b Compare August 16, 2025 03:13
@renovate renovate Bot force-pushed the renovate/dependencies branch 2 times, most recently from 70132b5 to 1edeced Compare August 24, 2025 23:14
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>