This update for openssl-3 fixes the following issues: Security fixes: - CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERAL_NAME_cmp for x400Address . - CVE-2023-0401: Fixed NULL pointer dereference during PKCS7 data verification . - CVE-2023-0217: Fixed NULL pointer dereference validating DSA public key . - CVE-2023-0216: Fixed invalid pointer dereference in d2i_PKCS7 functions . - CVE-2023-0215: Fixed use-after-free following BIO_new_NDEF . - CVE-2022-4450: Fixed double free after calling PEM_read_bio_ex . - CVE-2022-4304: Fixed timing Oracle in RSA Decryption . - CVE-2022-4203: Fixed read Buffer Overflow with X.509 Name Constraints . Non-security fixes: - Fix SHA, SHAKE, KECCAK ASM and EC ASM flag passing . - Enable zlib compression support . - Add crypto-policies dependency.