This update for openssl-1_1 fixes the following issues: - CVE-2022-0778: Infinite loop in BN_mod_sqrt reachable when parsing certificates . - Add safe primes to DH parameter generation as recommended from RFC7919 and RFC3526 .