chore(deps): update dependency libressl/portable to v4.3.2

[renovate]

This PR contains the following updates:

Package	Update	Change
libressl/portable	minor	v4.2.1 → v4.3.2

---

Release Notes

libressl/portable (libressl/portable)

v4.3.2

Compare Source

Portable Changes

• Rework portable assembly handling with LIBRESSL_USE_ASSEMBLY
• Add SHA assembly for elf-aarch64
• Add definition of ssize_t to cms.h for Windows
• Fix posix_open() implementation so it properly signals failure
• Fix SIGALRM handler for openssl speed on Windows
• Fix overwrite of user CFLAGS/LDFLAGS in hardening flag detection

Bug fixes

• Allow the verify callback to override the error for overlong
  cert chains again.

Full changelog: https://github.com/libressl/portable/blob/master/ChangeLog

v4.3.1

Compare Source

Portable Changes

• Add missing <limits.h> to fix build on some OS.

Full changelog: https://github.com/libressl/portable/blob/master/ChangeLog

v4.3.0

Compare Source

Internal improvements

• Remove the unused sequence number from X509_REVOKED.
• Replace a call to atoi() with strtonum() in nc(1) and replace a
  misleading use of ntohs() with htons().
• openssl(1) speed now uses HMAC-SHA256 for its hmac benchmark.
• Reimplemented only use of ASN1_PRINTABLE_type() in openssl(1) ca.
  The API will be removed in an upcoming release.
• Add curve NID to EC_POINT objects so the library has a clue on which
  curve a given EC_POINT is supposed to live.
• Use curve NID to check for compatibility between group and points
  in various EC API. This isn't 100% failsafe but good enough for sane
  uses.
• Require SSE in order to use gcm_{gmult,ghash}_4bit_mmx().
  On rare i386 machines suporting MMX but not SSE this could result
  in an illegal instruction.
• Cleaned up asn1t.h to make it somewhat readable and more robust by
  using C99 initializers in particular.
• Further assembly macro improvements for -portable.
• Add fast path for well-known DH primes in DH_check() (including
  those from RFC 7919). Some projects still fiddle with this in 2025.
• Rewrite ec_point_cmp() for readability and robustness.
• Improve EVP_{Open,Seal}Init() internals. This is legacy API that
  cannot be removed since one scripting language still exposes it.
• ASN1_BIT_STRING_set_bit() now trims trailing zero bits itself rather
  than relying on i2c_ASN1_BIT_STRING() to do that when encoding.
• Fix and add workarounds to libtls to improve const correctness and
  to avoid warnings when compiling with OpenSSL 4.
• Prefix EC_KEY methods with ec_key_ to avoid problems in some static
  links.
• Remove mac_packet, a leftover from accepting SSLv2 ClientHellos.
• Remove ssl_server_legacy_first_packet().
• In addition to what was done in LibreSSL 4.0 for the version
  handling, disable TLSv1.1 and lower also on the method level.
• Remove workaround for SSL 3.0/TLS 1.0 CBC vulnerability.
• Refactor ocsp_find_signer_sk() to avoid neglecting the ASN.1's
  semantics by direct reaching into deeply nested OCSP structures.

Compatibility changes

• Expose X509_VERIFY_PARAM_set_hostflags() as a public symbol.
• Provide SSL_SESSION_dup().
• BIGNUMs now use the C99 types uint64_t/uint32_t for the word width.
  Fixes long-standing issues with 32-bit longs on 64-bit Windows.
• Many unused BN_* macros with incomprehensible names were removed:
  BN_LONG, BN_BITS{,4}, BN_MASK2{,l,h,h1}, BN_TBIT, BN_DEC_CONV,
  BN_{DEC,HEX}_FMT{1,2}, ...
• openssl(1) cms no longer accepts the unsupported -compress and
  -uncompress switches.
• Added PKCS7_NO_DUAL_CONTENT flag/behavior. This is incorrect legacy
  behavior but some language bindings decided to rely on it in 2025.
• Remove STABLE_FLAGS_MALLOC but keep STABLE_NO_MASK because there is
  still one user...
• Fix ASN1_ADB_END macro to have compatible signature with OpenSSL.
  The adb_cb() argument is currently ignored.
• Unexport ASN1_LONG_UNDEF.

New features

• Support for MLKEM768_X25519 keyshare in TLS.
  https://datatracker.ietf.org/doc/draft-ietf-tls-ecdhe-mlkem/
• Added ML-KEM benchmarks to openssl(1) speed.
• Added support for starttls protocol sieve.
• Add support for RSASSA-PSS with pubkey OID RSASSA-PSS to libssl.

Bug fixes

• Ensure the group selected by a TLSv1.3 server for a
  HelloRetryRequest is not one for which the client has
  already sent a key share.
• Plug memory leak in CMS_EncryptedData_encrypt().
• Plug possible memory leak and double free in nref_nos().
• Removed always zero test results for some no longer available
  legacy primitives in openssl(1) speed.
• List SHA-3 digests in openssl(1) help output.
• Fix encoding of bit strings with trailing zeroes on which
  ASN1_STRING_FLAG_BITS_LEFT is not set.
• Add missing NULL pointer check to PKCS12_item_decrypt_d2i().
• Avoid type confusion leading to 1-byte read at address 0x00-0xff
  in PKCS#12 parsing.
• Fix type confusion in timestamp response parsing for v2 signing
  certs.
• Fix EVP_SealInit() to return 0 on error, not -1.
• Replace incorrect strncmp() with strcmp() in CRL distribution point
  config parsing.
• openssl x509 -text writes its output to the file specified by -out
  like all other openssl(1) subcommands.
• Stop Delta CRL processing in the verifier if the cRLNumber is
  missing. This is flagged on deserialization, but nothing checks
  that flag. This can lead to a NULL dereference if the verification
  has enabled Delta CRL checking by setting X509_V_FLAG_USE_DELTAS.
• Fix NULL dereference that can be triggered with malformed OAEP
  parameter encoding for CMS decryption.
• Add missing length checks before BIO_new_mem_buf() in libtls.
• Improve libtls error reporting consistency, avoid reporting
  unrelated errnos.
• Fix SAN dNSName constraints: instead of substring matching,
  match exactly and allow zero or more components in front of
  the candidate.

Reliability fix

• Fix off-by-one error in the X.509 verifier depth checking. This can
  lead to a 4-byte overwrite on heap allocated memory for clients
  talking to a malicious server or for servers that have client
  certificate verification enabled. In addition, the maximum depth
  must be set to the maximum allowed value of 32.
  Thanks to Calif.io in collaboration with Claude and Anthropic
  Research, for reporting the issue.

Testing and proactive security

• Port Wycheproof tests to testvectors_v1 and improve coverage
  and correctness. Add tests for ML-KEM in particular.

Full changelog: https://github.com/libressl/portable/blob/master/ChangeLog

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud