Skip to content

deps: update OpenSSL to 3.5.4 #60100

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 3 commits into from
Closed

deps: update OpenSSL to 3.5.4 #60100

wants to merge 3 commits into from

Conversation

nodejs-github-bot
Copy link
Collaborator

This is an automated update of OpenSSL to 3.5.4.

@nodejs-github-bot nodejs-github-bot added dependencies Pull requests that update a dependency file. openssl Issues and PRs related to the OpenSSL dependency. labels Oct 1, 2025
@nodejs-github-bot
Copy link
Collaborator Author

Review requested:

  • @nodejs/security-wg

@nodejs-github-bot nodejs-github-bot added the needs-ci PRs that need a full CI run. label Oct 1, 2025
@targos targos closed this Oct 1, 2025
@targos targos deleted the actions/tools-update-openssl branch October 1, 2025 18:49
@chrisharrison
Copy link

OpenSSL < 3.5.4 is vulnerable. Currently the latest versions of Node 22 and 24 have a vulnerable version of OpenSSL embedded.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file. needs-ci PRs that need a full CI run. openssl Issues and PRs related to the OpenSSL dependency.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@nodejs-github-bot @chrisharrison @targos