[3.9] gh-101726: Update the OpenSSL version to 1.1.1t (GH-101727) (GH-101751)

Fixes CVE-2023-0286 (High) and a couple of Medium security issues. https://www.openssl.org/news/secadv/20230207.txt Co-authored-by: Gregory P. Smith <greg@krypto.org> Co-authored-by: Ned Deily <nad@python.org>
author: Steve Dower <steve.dower@python.org> 2023-03-07 23:01:22 (GMT)
committer: GitHub <noreply@github.com> 2023-03-07 23:01:22 (GMT)
commit: bf99e19b997b6c42c6cddd9a73e47add549f24c6 (patch)
tree: 2da04fe3744db25401bd0a57a799a54a329da581 /Misc
parent: c25b484e82cace132a5f3c89b69888eaf7b1d40e (diff)
download: cpython-bf99e19b997b6c42c6cddd9a73e47add549f24c6.zip
cpython-bf99e19b997b6c42c6cddd9a73e47add549f24c6.tar.gz
cpython-bf99e19b997b6c42c6cddd9a73e47add549f24c6.tar.bz2
1 files changed, 4 insertions, 0 deletions
diff --git a/Misc/NEWS.d/next/Security/2023-02-08-22-03-04.gh-issue-101727.9P5eZz.rst b/Misc/NEWS.d/next/Security/2023-02-08-22-03-04.gh-issue-101727.9P5eZz.rst
new file mode 100644
index 0000000..43acc82
--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2023-02-08-22-03-04.gh-issue-101727.9P5eZz.rst
@@ -0,0 +1,4 @@
+Updated the OpenSSL version used in Windows and macOS binary release builds
+to 1.1.1t to address CVE-2023-0286, CVE-2022-4303, and CVE-2022-4303 per
+`the OpenSSL 2023-02-07 security advisory
+<https://www.openssl.org/news/secadv/20230207.txt>`_.
author	Steve Dower <steve.dower@python.org>	2023-03-07 23:01:22 (GMT)
committer	GitHub <noreply@github.com>	2023-03-07 23:01:22 (GMT)
commit	bf99e19b997b6c42c6cddd9a73e47add549f24c6 (patch)
tree	2da04fe3744db25401bd0a57a799a54a329da581 /Misc
parent	c25b484e82cace132a5f3c89b69888eaf7b1d40e (diff)
download	cpython-bf99e19b997b6c42c6cddd9a73e47add549f24c6.zip cpython-bf99e19b997b6c42c6cddd9a73e47add549f24c6.tar.gz cpython-bf99e19b997b6c42c6cddd9a73e47add549f24c6.tar.bz2