debian-targets.patch
man-section.patch
no-symbolic.patch
pic.patch
c_rehash-compat.patch
Configure-allow-to-enable-ktls-if-target-does-not-start-w.patch
conf-Serialize-allocation-free-of-ssl_names.patch

# Ubuntu patches

default-configuration-read-dropins-and-crypto-config.patch

s390x-Add-hardware-acceleration-for-full-AES-XTS.patch

# Patches between 3.4.1 and 2025/04/02
post-3.4.1/0001-Prepare-for-3.4.2.patch
post-3.4.1/0002-Avoid-calling-ssl_load_sigalgs-in-tls1_set_sigalgs_l.patch
post-3.4.1/0003-Fix-configuring-provider-certificate-algs-via-config.patch
post-3.4.1/0004-Add-a-test-for-configuring-provider-certs-via-config.patch
post-3.4.1/0005-test-quicapitest.c-Increase-timeout-of-test_fin_only.patch
post-3.4.1/0006-Revert-rcu-Ensure-that-updates-to-the-ID-field-of-a-.patch
post-3.4.1/0007-Rework-and-simplify-RCU-code.patch
post-3.4.1/0008-LoongArch-Fix-output-file-name-detection-for-Perl-sc.patch
post-3.4.1/0009-SPARC-assembly-Don-t-file-aes-cbc-on-T4-with-small-s.patch
post-3.4.1/0010-Don-t-use-__ATOMIC_ACQ_REL-on-older-compilers.patch
post-3.4.1/0011-Free-hashtable-prior-to-freeing-atomic-worker_lock.patch
post-3.4.1/0012-Fix-memory-leak-in-ecdsa_keygen_knownanswer_test.patch
post-3.4.1/0013-fix-add-check-for-NULL-zalloc-in-tls-provider.c-reve.patch
post-3.4.1/0014-Make-org.openssl.winstore-work-in-openssl-ts.patch
post-3.4.1/0016-Cleanup-atomic-fallbacks-in-threads_pthread.c.patch
post-3.4.1/0017-Make-CRYPTO_atomic_load-store-use-the-same-preproces.patch
post-3.4.1/0019-Re-enable-RCU-torture-test-on-MACOSX.patch
post-3.4.1/0020-Revert-wrong-macos-RCU-fix.patch
post-3.4.1/0021-doc-document-that-the-FIPS-provider-doesn-t-support-.patch
post-3.4.1/0022-fix-add-OOM-handler-for-x509-fuzz-test.patch
post-3.4.1/0023-Fix-potential-memory-leaks-in-error-paths-in-ossl_rs.patch
post-3.4.1/0024-Fix-potential-leak-in-error-path-in-cert_response.patch
post-3.4.1/0025-add_uris_recursive-Avoid-OSSL_STORE_INFO-leak-on-err.patch
post-3.4.1/0026-Fix-potential-memory-leak-in-policy_section.patch
post-3.4.1/0027-Fix-read-out-of-buffer-bounds-when-dealing-with-BIO_.patch
post-3.4.1/0028-Change-cipher-suite-alert-for-0-length-cipher_suites.patch
post-3.4.1/0029-Add-record-overflow-test-to-tlsfuzzer-external-tests.patch
post-3.4.1/0030-Tolerate-3.5-FIPS-providers-in-kem_rsa_params-test.patch
post-3.4.1/0031-Encoder-Fix-floating-pointer-when-OSSL_ENCODER_to_da.patch
post-3.4.1/0032-doc-fix-OSSL_WINCTX-spelling-windows-notes.patch
post-3.4.1/0033-apps-Escape-control-characters-in-DNs-by-default.patch
post-3.4.1/0034-Fix-libctx-passing-for-CMS-PWRI-use.patch
post-3.4.1/0036-Update-doc-README-URLs.patch
post-3.4.1/0037-Move-ssl_err.c-into-libcrypto.patch
post-3.4.1/0038-minor-doc-fixes-for-CMP-and-HTTP.patch
post-3.4.1/0039-Fix-a-compilation-failure-in-AIX.patch
post-3.4.1/0041-Fix-support-for-windows-atomics.patch
post-3.4.1/0042-RCU-Ensure-that-qp-s-are-actually-retired-in-order.patch
post-3.4.1/0043-Updated-SSL_SESSION_get0_hostname-documentation-to-b.patch
post-3.4.1/0044-Fix-RCU-TODOs.patch
post-3.4.1/0045-Keep-the-provided-peer-EVP_PKEY-in-the-EVP_PKEY_CTX-.patch
post-3.4.1/0046-Fix-Minerva-timing-side-channel-signal-for-P-384-cur.patch
post-3.4.1/0047-Fix-a-memory-order-issue-with-weakly-ordered-systems.patch
post-3.4.1/0048-Do-some-more-cleanup-in-the-RCU-code.patch
post-3.4.1/0049-Fix-gettable_params-for-ECX.patch
post-3.4.1/0051-apps-cms.c-apps-ocsp.c-Added-NULL-pointer-checks.patch
post-3.4.1/0052-Avoid-erroneous-legacy-code-path-when-provided.patch
post-3.4.1/0053-qlog_event_helpers.c-Fix-inverted-condition.patch
post-3.4.1/0054-Try-to-fix-reported-qlog-issues.patch
post-3.4.1/0055-Do-not-wrap-the-python3-in-.-.-util-wrap.pl.patch
post-3.4.1/0057-Try-to-fix-endless-loops-in-quic_multistream_test.patch
post-3.4.1/0058-Fix-NULL-pointer-dereference-in-asn1_ex_i2c-crypto-a.patch
post-3.4.1/0059-Allow-ECDSA-signing-with-digests-without-a-NID-in-de.patch
post-3.4.1/0060-Test-EVP_DigestSignInit-with-ECDSA-and-KECCAK-256-ha.patch
post-3.4.1/0061-Memory-leak-fix-ktls_meth.c.patch
post-3.4.1/0062-Change-documentation-to-point-to-new-wiki-location.patch
post-3.4.1/0063-In-doc-man7-provider-en-de-coder.pod-clarify-where-p.patch
post-3.4.1/0065-Fix-return-value-of-the-i2d_ASN1_bio_stream-call.patch
post-3.4.1/0066-Moved-crypto-bn-README.pod-to-internal-manpages.patch
post-3.4.1/0067-bn_mul_words.pod-Fix-failures-in-doc-nits-check.patch
post-3.4.1/0068-Update-X509_VERIFY_PARAM_set_flags.pod.patch
post-3.4.1/0069-Use-OPENSSL_strdup-for-strings-freed-by-OPENSSL_free.patch
post-3.4.1/0070-Fix-quic_multistream_test-correct-more-frame-types.patch
post-3.4.1/0072-apps-lib-apps.c-Add-a-check-for-OPENSSL_strdup.patch
post-3.4.1/0073-Update-FIPS-README.md-to-reflect-latest-versions.patch
post-3.4.1/0074-crypto-fix-preprocessor-concatenation.patch
post-3.4.1/0075-crypto-windows-use-LPCTSTR-for-the-temp-registry-buf.patch
post-3.4.1/0076-Fix-probing-the-registry-for-configuration.patch
post-3.4.1/0077-Fix-c-comment-in-ec-code.patch
post-3.4.1/0078-Fix-Strict-c-issue-in-aes_gcm-for-armv8.patch
post-3.4.1/0079-Fix-cpp-comment-in-windows-build.patch
post-3.4.1/0080-statem-always-save-sigalgs-during-PHA.patch
post-3.4.1/0081-Link-SSL_get_negotiated_group-and-SSL_get0_group_nam.patch
post-3.4.1/0083-Fix-a-visual-glitch-in-test_cmp_http.t.patch

# Ubuntu FIPS patches
fips/crypto-Add-kernel-FIPS-mode-detection.patch
fips/crypto-Automatically-use-the-FIPS-provider-when-the-kerne.patch
fips/apps-speed-Omit-unavailable-algorithms-in-FIPS-mode.patch
fips/apps-pass-propquery-arg-to-the-libctx-DRBG-fetches.patch
fips/test-Ensure-encoding-runs-with-the-correct-context-during.patch
fips/two-defines-for-fips-in-libssl-dev-headers.patch

CVE-2025-9230.patch
CVE-2025-9231-1.patch
CVE-2025-9231-2.patch
CVE-2025-9232.patch
