From mboxrd@z Thu Jan  1 00:00:00 1970
Delivery-date: Wed, 04 Sep 2024 19:30:01 +0200
Received: from metis.whiteo.stw.pengutronix.de ([2a0a:edc0:2:b01:1d::104])
	by lore.white.stw.pengutronix.de with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <ptxdist-bounces+lore=lore.pengutronix.de@pengutronix.de>)
	id 1sltpS-001I5z-1J
	for lore@lore.pengutronix.de;
	Wed, 04 Sep 2024 19:30:01 +0200
Received: from localhost ([127.0.0.1] helo=metis.whiteo.stw.pengutronix.de)
	by metis.whiteo.stw.pengutronix.de with esmtp (Exim 4.92)
	(envelope-from <ptxdist-bounces@pengutronix.de>)
	id 1sltpR-0006GB-Ll; Wed, 04 Sep 2024 19:30:01 +0200
Received: from mail-vi1eur03on2115.outbound.protection.outlook.com
 ([40.107.103.115] helo=EUR03-VI1-obe.outbound.protection.outlook.com)
 by metis.whiteo.stw.pengutronix.de with esmtps
 (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92)
 (envelope-from <christian.melki@t2data.com>) id 1sltpE-0006Cu-W8
 for ptxdist@pengutronix.de; Wed, 04 Sep 2024 19:29:49 +0200
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;
 b=WT2UV1HYKFbEiWdijTqp41hMLhdKni4ffcSfVKszkJQZDYZE6nQk0hhflBQl/JOiWfCogK9SA9JZ+d8Fd01zp8ab8IeT0HP5avQpp/YvtNTpJM3oY5NUw0ijsFxbTk/iy1VjkUd6Xx8FQQsWsH/d4Dun+6oKtBkP39T/P2qKYzYAIMj7KAvNu8P7hcFFcvP6KmBS6umxIhFnopeiQ2IMIIpqif1hSWHwkj5nhF9OMyZN57FKY2BLbTW2jM5ZTTvJXoL058HUKOZSl87YRne5xp4kxMUaRIzIwMaqfviK40jJDy0VoXJg+QSorPA+/aYK+Fj5gd0eKZIs/bTh7yr8TA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; 
 s=arcselector10001;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=uzZ8cOXRgwXb9H0SK1u89LDrMUuFI0ZXzIHuH22jJxw=;
 b=usmDVNnysowubhxU3ip3Nv0C4jYk45hEAj9OzlD1ILIXXwOjFL93gDSK+lcdmsUEuCwXnoeBp3nuUDMYCP84UYbEeFDGhGlHnYCNyuk+y1ojLLlC2FX/GCwrnxsvM8NIen4Mdewh+43MOVFeJU4KCwYn1GWi7aOsk2H5hDX+SXUNyNNMsQ1uC+jAWFE8ec8Y2aAeGSKy1cC36Af6NLJ1uHrrwCCEzYQ+ImWGfyPqFV5POAQXe7cPAoC0aetVGKIs4ol6EJZfEeYwpuV0IAcZDauGbqjJtVnxTxaVe5E/uyhLgp8VCdTubG7AbJxydFSjHCftSotoJMcN2rdVhpnF2A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=t2data.com; dmarc=pass action=none header.from=t2data.com;
 dkim=pass header.d=t2data.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=t2datacom.onmicrosoft.com; s=selector1-t2datacom-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=uzZ8cOXRgwXb9H0SK1u89LDrMUuFI0ZXzIHuH22jJxw=;
 b=CVTlTBLp9dvsqzpfjG9URGoR5mtFUO8jN0HHX90iG0cHikfxP1+Q3O9sILbLcBmDVjXKKf8oTd9j/dXlfFW2a0PfD1NaBwzahBF0gasc9obN8xJxRxVCbUakp/m0g28v0YqT4w9uaCfKPcjtxzgX2uIj8Eekpfa0+Gz9G0icg2A=
Authentication-Results: dkim=none (message not signed)
 header.d=none;dmarc=none action=none header.from=t2data.com;
Received: from DB9P251MB0618.EURP251.PROD.OUTLOOK.COM (2603:10a6:10:334::22)
 by DU0P251MB0851.EURP251.PROD.OUTLOOK.COM (2603:10a6:10:3b9::14) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7918.27; Wed, 4 Sep
 2024 17:29:45 +0000
Received: from DB9P251MB0618.EURP251.PROD.OUTLOOK.COM
 ([fe80::fe8d:f825:5b29:2903]) by DB9P251MB0618.EURP251.PROD.OUTLOOK.COM
 ([fe80::fe8d:f825:5b29:2903%7]) with mapi id 15.20.7918.024; Wed, 4 Sep 2024
 17:29:45 +0000
From: Christian Melki <christian.melki@t2data.com>
To: ptxdist@pengutronix.de
Date: Wed,  4 Sep 2024 19:29:39 +0200
Message-Id: <20240904172939.2400500-1-christian.melki@t2data.com>
X-Mailer: git-send-email 2.34.1
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
X-ClientProxiedBy: GV3PEPF00002BB6.SWEP280.PROD.OUTLOOK.COM
 (2603:10a6:144:1:0:6:0:b) To DB9P251MB0618.EURP251.PROD.OUTLOOK.COM
 (2603:10a6:10:334::22)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: DB9P251MB0618:EE_|DU0P251MB0851:EE_
X-MS-Office365-Filtering-Correlation-Id: ad7a18b6-0dff-4e49-4cb6-08dccd072b33
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
 ARA:13230040|52116014|376014|366016|1800799024|38350700014; 
X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?pThf4chCJQXRsJgDGyoIxQ/+NjxbGvRa29pi7R55JtHfgcToBatF/RJv5MAr?=
 =?us-ascii?Q?RQwYOTkhRvT1B54zpuCoqqMoz9WjDkgR+1lS72NPVNxJi9sc0iL+EA7OGIuX?=
 =?us-ascii?Q?Mh4CCOw+h5i57Mi9nMfs0wpL2PEvCOKZqKrKpqWZu72zeaYGpVh9naOflQov?=
 =?us-ascii?Q?dggpGLOxD0jFfmyAB92MHIPzekFH63BdmXjvvJ0RDHr8KrK6SR3Vt4cyv6uU?=
 =?us-ascii?Q?eJsNjt/qluCPArS4iRykc7RjFeKUXuQUXrvrIcBIqZ8WCq5le6++EleMj16d?=
 =?us-ascii?Q?+9avYImdVBjeXGjJR5DwwlI+4o+pSu7RcsDm0NEoF402uzaC4sIuHsoqiVat?=
 =?us-ascii?Q?6Pkpv/H4b/EGygL45HRt1+fEuYN1itQommOBYA5+sUCAWzCVuLaAP2ljde35?=
 =?us-ascii?Q?q9vKQ67Yco3l2V2QbT11//WpfBixhxXqEFjCeK9BpRbKzDXZlvv/CxTKPWWk?=
 =?us-ascii?Q?ISLKbRlvLbRXcUgNfjBLyahP60dLKOvgPT3OkcVjV++I6QnS3pY1z2Gfv/99?=
 =?us-ascii?Q?9L9DZK1+Tpct3l498GXezFZCIdI36GOZDbrvtGOJfnr9Rih9a0AmgSyNwUHD?=
 =?us-ascii?Q?rnqU9LjBbvoWn0XtYTV/5B1SKl7lBJKJoHnCbXtH4sLWu+AUJhygJMDUGehT?=
 =?us-ascii?Q?h5UJhaR0xDaLk3vFjHIGPxZ2NIdTG1MF57muNEih0nPEUi6q6XrGhareZa9a?=
 =?us-ascii?Q?4cbnlEzwf9t4RMPNCJERwt7zHS8hK5iVC6gRKjToMeEXwP5k3DoEZudMeX55?=
 =?us-ascii?Q?cNjiWxdaCvGkrAtpWiplONwrkTC8ZcxSy6xTZo5hXexKTfYb9/EMhGMdRUwr?=
 =?us-ascii?Q?vYElOjvz940NrtZKYLyzK/bKGds5TcGbPX+vlhqLSHYhQpvvaTdr8rlCJ6JX?=
 =?us-ascii?Q?DbGY/SvhQHrAYaGd3NLBNG3CPr60U6cYo0xmLjLsX5boN1bP/dXSrO26dLJB?=
 =?us-ascii?Q?lT7kR1+ZR/rNEJDT5rGdkgh+uVG8EjEp99srnHwfMHGIBCbvhuGWJtQKgwZw?=
 =?us-ascii?Q?V9WaKFbMKMzimaQWDfhgLj53QcLpzLvPEj2235i0WE14BqTwiN1dWGYpgZei?=
 =?us-ascii?Q?YEReGgIUeK/CpDA1ZrGiHF9XpHGlwDaEZXnJ7cyodm1GiHDiabOmC+/ratWP?=
 =?us-ascii?Q?xaarzI6634tZabmIl4n+99aiYKpnFqMADQPOJFf6qvNeJoeYUibDFX3qj0vN?=
 =?us-ascii?Q?frwwI81FLc09SPXAGZqAX/avKibHNs/P50IxhogvwnPlUEbfwVjYIMS7zpQk?=
 =?us-ascii?Q?+/uNumMoWn/lMkYgMOu10MLAFRmvJgvSRosMC0z2JvCW8pI1p7ucnmspcct+?=
 =?us-ascii?Q?IG01FzeTx7UoRikSzN64Hg3b9Nfdr8T30Ce8Pl2o2EaEgFfQhFoSgKgqrg8h?=
 =?us-ascii?Q?4Qf/gmw=3D?=
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:;
 IPV:NLI; SFV:NSPM; H:DB9P251MB0618.EURP251.PROD.OUTLOOK.COM; PTR:; CAT:NONE;
 SFS:(13230040)(52116014)(376014)(366016)(1800799024)(38350700014); DIR:OUT;
 SFP:1102; 
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?7woRVqPo5qnKAglE64EiWtQ3hSHwaEqT+Zcc2M1tm5ECEWJwyzjkg2HiQ37u?=
 =?us-ascii?Q?CO+q6K4438dJEkRFUOtcwGPvyUMmfMxbbURp0QN62B6qoI3i6DXNyGZh4kXD?=
 =?us-ascii?Q?t/GwGbqZvtx/ls+TFAKGDKbCGj8nNxvmEQkASBuEQbsWP/4dOFnahTFViwQB?=
 =?us-ascii?Q?zoHVL86LKRDT+IhpECBJ7a9xjDQxyHjlOWTBQSV7p8Z44cvk4gouFFy+msXV?=
 =?us-ascii?Q?DcM9Wed9+2UyuzrgkLVv33obJpowp7XAJ4EJnPTe94HYcff58d8kjJXHXn6k?=
 =?us-ascii?Q?wAN3Wxo7NUfL4KWHwB3YtJZEGXaLye9U2wBU+pBFOydYSsGhbtvFktNnVqrW?=
 =?us-ascii?Q?X96i1ILPwJWy9KlHj/YEs20Ms+RIT2Z9pWzmARHBRZASCaKiSQ/ULMzEVMAD?=
 =?us-ascii?Q?o8weHKM1u7LsQEqUFSr80cFU3BM2FowvG8Hicsl6mLiE9x/3xFrfl3bzdcvM?=
 =?us-ascii?Q?ubX6fOszOuQwZctAPlbJMdmd9aArFNWX4rJy+LuPPI8ZJt5++/kKtXfdelTK?=
 =?us-ascii?Q?OjSGiQjfh3+Qw8l5+oq+5smut5iYKPmgbO92i969eVr69OVnZbIkIMsIpZIe?=
 =?us-ascii?Q?tfDu5mYlkIfCglWHrOO5LpR9/zmyjKzFnS/EPXW1E5qtsW16tMJufGtwHSSB?=
 =?us-ascii?Q?Jxmbm4pBPQWmsfF5Wq6okS0HkLRo132ZMf1QyG8xN3/2l7VX21ECfYpCh5at?=
 =?us-ascii?Q?qr5hsiCD0gnxX7s75sJJpE5f3gtw65toffuQL6okzq8PXfxTtQU0X2eJxVld?=
 =?us-ascii?Q?WGIUBp4CpJD07K5ZcUslMgXFMjYxddTetu8iVvrDhy/0BwiKA94Mddxg/hX1?=
 =?us-ascii?Q?4jXB6bWspgS2oZNSSuzwNvDBwVK9qy4uaSr0Qf369bi+cRrCcNQxCVDhr8UX?=
 =?us-ascii?Q?vxolvz3OIkULFvkvk8S/0ig5arl4TsKFkwWLXOASY6O2mk9p2dCqktOmfOcd?=
 =?us-ascii?Q?+GpEjkELgtJaX5e6mxI9+G71QgLKtUXpICDWezPrDbKeUi3y4M1aghnhgSDE?=
 =?us-ascii?Q?r797ZhjNomc3BHWdO/secJsoYy2MzmO1QKof2tkrr2lAXh5v5ADyKED8YJUz?=
 =?us-ascii?Q?wd2zy/oC6w8WuVT7XYhRv8yD0c6jN/Sqd9rrcGysAQ1fV08ykU7TIwyF0ijl?=
 =?us-ascii?Q?cyKlu5ggunQPyKUr77ix7oHxWMjY2BZRJc2SO5FGMZBu4pb6IvWuQZKoHGjZ?=
 =?us-ascii?Q?0hbu7jFlCbfANgFSx+V2ti8JagslUT5d4h8gE86E2T9dEcJcbtQobjaci3IG?=
 =?us-ascii?Q?FucfZAMN8GGtZ22CdU7deideIsGFAWfUYbvxUr7t4GoX+gR51noGYTZw8zhx?=
 =?us-ascii?Q?/RhfTJkF8zRNMimIEcEV7LXPoyL3G/awMEzAAlj6zXRrbUfEqSrLxCQxWbm3?=
 =?us-ascii?Q?5T78dR/BwrB48uTv+ND+ZVxZCELexel3b5d8NJtY7KXdpAfWeil73cZHMxSZ?=
 =?us-ascii?Q?FEM+THhoVdxbxVk4MeiIjnOOF14qX9D6TUul6ttEAq5RRd7y8qTD8ggfAii8?=
 =?us-ascii?Q?AQE1FPBVGmHHmL6zSYLQdZm6ujY05Xoov6ueSo04HzqvGSrXstXib6HYK14G?=
 =?us-ascii?Q?uTujhJttNK5C34uA2N04N+GL4woGF0wQXR8/xHWB9WakC0vVcXw0dL5gRb8I?=
 =?us-ascii?Q?Ow=3D=3D?=
X-OriginatorOrg: t2data.com
X-MS-Exchange-CrossTenant-Network-Message-Id: ad7a18b6-0dff-4e49-4cb6-08dccd072b33
X-MS-Exchange-CrossTenant-AuthSource: DB9P251MB0618.EURP251.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Sep 2024 17:29:45.4432 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 27928da5-aacd-4ba1-9566-c748a6863e6c
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: Kn+jU7WnuIH1WblU3BeRmw1LwglWOrlArHdoRMuPY2xs8cBkpiTIU3HABOI6hI7tWOmPYb1kxpNeGBDkGOO4WEccBwxQyhogW6vkTcw/RKQ=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DU0P251MB0851
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
 metis.whiteo.stw.pengutronix.de
X-Spam-Level: 
X-Spam-Status: No, score=-2.1 required=4.0 tests=AWL,BAYES_00,DKIM_SIGNED,
 DKIM_VALID,RCVD_IN_MSPIKE_H2,RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,
 RCVD_IN_VALIDITY_RPBL_BLOCKED,SPF_HELO_PASS,SPF_PASS,
 T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.2
Subject: [ptxdist] [PATCH] openssl: Version bump. 3.3.1 -> 3.3.2
X-BeenThere: ptxdist@pengutronix.de
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: PTXdist Development Mailing List <ptxdist.pengutronix.de>
List-Unsubscribe: <https://metis.pengutronix.de/mailman/options/ptxdist>,
 <mailto:ptxdist-request@pengutronix.de?subject=unsubscribe>
List-Archive: <https://metis.pengutronix.de/mailman/private/ptxdist/>
List-Post: <mailto:ptxdist@pengutronix.de>
List-Help: <mailto:ptxdist-request@pengutronix.de?subject=help>
List-Subscribe: <https://metis.pengutronix.de/mailman/listinfo/ptxdist>,
 <mailto:ptxdist-request@pengutronix.de?subject=subscribe>
Reply-To: ptxdist@pengutronix.de
Sender: "ptxdist" <ptxdist-bounces@pengutronix.de>
X-SA-Exim-Connect-IP: 127.0.0.1
X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de
X-SA-Exim-Scanned: No (on metis.whiteo.stw.pengutronix.de); SAEximRunCond expanded to false

Minor security fix release.
https://github.com/openssl/openssl/blob/master/CHANGES.md#openssl-33

Plugs CVEs:
CVE-2024-6119 - Possible denial of service in X.509 name checks
CVE-2024-5535 - SSL_select_next_proto buffer overread

* OpenSSL moved permanently redirect to github. New releases
are not available any more at the old URLs.
Add yet another URL to github.

* Forward patches. Applies cleanly with a slight
rework of offset.

Signed-off-by: Christian Melki <christian.melki@t2data.com>
---
 .../0001-debian-targets.patch                               | 0
 patches/{openssl-3.3.1 => openssl-3.3.2}/0002-pic.patch     | 0
 ...nfigure-allow-to-enable-ktls-if-target-does-not-st.patch | 6 +++---
 .../0004-conf-Serialize-allocation-free-of-ssl_names.patch  | 0
 ...nfigure-drop-fzero-call-used-regs-used-gpr-from-De.patch | 0
 patches/{openssl-3.3.1 => openssl-3.3.2}/series             | 0
 rules/openssl.make                                          | 5 +++--
 7 files changed, 6 insertions(+), 5 deletions(-)
 rename patches/{openssl-3.3.1 => openssl-3.3.2}/0001-debian-targets.patch (100%)
 rename patches/{openssl-3.3.1 => openssl-3.3.2}/0002-pic.patch (100%)
 rename patches/{openssl-3.3.1 => openssl-3.3.2}/0003-Configure-allow-to-enable-ktls-if-target-does-not-st.patch (93%)
 rename patches/{openssl-3.3.1 => openssl-3.3.2}/0004-conf-Serialize-allocation-free-of-ssl_names.patch (100%)
 rename patches/{openssl-3.3.1 => openssl-3.3.2}/0005-Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch (100%)
 rename patches/{openssl-3.3.1 => openssl-3.3.2}/series (100%)

diff --git a/patches/openssl-3.3.1/0001-debian-targets.patch b/patches/openssl-3.3.2/0001-debian-targets.patch
similarity index 100%
rename from patches/openssl-3.3.1/0001-debian-targets.patch
rename to patches/openssl-3.3.2/0001-debian-targets.patch
diff --git a/patches/openssl-3.3.1/0002-pic.patch b/patches/openssl-3.3.2/0002-pic.patch
similarity index 100%
rename from patches/openssl-3.3.1/0002-pic.patch
rename to patches/openssl-3.3.2/0002-pic.patch
diff --git a/patches/openssl-3.3.1/0003-Configure-allow-to-enable-ktls-if-target-does-not-st.patch b/patches/openssl-3.3.2/0003-Configure-allow-to-enable-ktls-if-target-does-not-st.patch
similarity index 93%
rename from patches/openssl-3.3.1/0003-Configure-allow-to-enable-ktls-if-target-does-not-st.patch
rename to patches/openssl-3.3.2/0003-Configure-allow-to-enable-ktls-if-target-does-not-st.patch
index 0c49d752e..561cca3b6 100644
--- a/patches/openssl-3.3.1/0003-Configure-allow-to-enable-ktls-if-target-does-not-st.patch
+++ b/patches/openssl-3.3.2/0003-Configure-allow-to-enable-ktls-if-target-does-not-st.patch
@@ -28,7 +28,7 @@ Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
  2 files changed, 2 insertions(+), 2 deletions(-)
 
 diff --git a/Configurations/10-main.conf b/Configurations/10-main.conf
-index c9db9aac28eb..d5ea4737494f 100644
+index cba57b41273f..7fa3eeae412f 100644
 --- a/Configurations/10-main.conf
 +++ b/Configurations/10-main.conf
 @@ -693,7 +693,7 @@ my %targets = (
@@ -41,10 +41,10 @@ index c9db9aac28eb..d5ea4737494f 100644
      "linux-latomic" => {
          inherit_from     => [ "linux-generic32" ],
 diff --git a/Configure b/Configure
-index 3b6617c17719..eeb36812ae0f 100755
+index 238152b2901b..3c7e04a082eb 100755
 --- a/Configure
 +++ b/Configure
-@@ -1778,7 +1778,7 @@ unless ($disabled{devcryptoeng}) {
+@@ -1777,7 +1777,7 @@ unless ($disabled{devcryptoeng}) {
  unless ($disabled{ktls}) {
      $config{ktls}="";
      my $cc = $config{CROSS_COMPILE}.$config{CC};
diff --git a/patches/openssl-3.3.1/0004-conf-Serialize-allocation-free-of-ssl_names.patch b/patches/openssl-3.3.2/0004-conf-Serialize-allocation-free-of-ssl_names.patch
similarity index 100%
rename from patches/openssl-3.3.1/0004-conf-Serialize-allocation-free-of-ssl_names.patch
rename to patches/openssl-3.3.2/0004-conf-Serialize-allocation-free-of-ssl_names.patch
diff --git a/patches/openssl-3.3.1/0005-Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch b/patches/openssl-3.3.2/0005-Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch
similarity index 100%
rename from patches/openssl-3.3.1/0005-Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch
rename to patches/openssl-3.3.2/0005-Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch
diff --git a/patches/openssl-3.3.1/series b/patches/openssl-3.3.2/series
similarity index 100%
rename from patches/openssl-3.3.1/series
rename to patches/openssl-3.3.2/series
diff --git a/rules/openssl.make b/rules/openssl.make
index 066437c9b..b8ca897ab 100644
--- a/rules/openssl.make
+++ b/rules/openssl.make
@@ -16,11 +16,12 @@ PACKAGES-$(PTXCONF_OPENSSL) += openssl
 #
 # Paths and names
 #
-OPENSSL_VERSION		:= 3.3.1
-OPENSSL_MD5		:= 8a4342b399c18f870ca6186299195984
+OPENSSL_VERSION		:= 3.3.2
+OPENSSL_MD5		:= 015fca2692596560b6fe8a2d8fecd84b
 OPENSSL			:= openssl-$(OPENSSL_VERSION)
 OPENSSL_SUFFIX		:= tar.gz
 OPENSSL_URL		:= \
+	https://github.com/openssl/openssl/releases/download/$(OPENSSL)/$(OPENSSL).$(OPENSSL_SUFFIX) \
 	https://www.openssl.org/source/$(OPENSSL).$(OPENSSL_SUFFIX) \
 	https://www.openssl.org/source/old/$(basename $(OPENSSL_VERSION))/$(OPENSSL).$(OPENSSL_SUFFIX)
 OPENSSL_SOURCE		:= $(SRCDIR)/$(OPENSSL).$(OPENSSL_SUFFIX)
-- 
2.34.1