This update for openssl fixes the following issues: * CVE-2023-0286: Fixed X.400 address type confusion in X.509 GeneralNameFixed . * CVE-2023-0215: Fixed a use-after-free following BIO_new_NDEF . * CVE-2022-4304: Fixed a timing oracle in RSA decryption . The following non-security bug were fixed: * Fix DH key generation in FIPS mode, add support for constant BN for DH parameters . * Update further expiring certificates that affect tests .