Bump openssl from 0.10.76 to 0.10.79 in /integration

[dependabot]

Bumps openssl from 0.10.76 to 0.10.79.

Release notes

Sourced from openssl's releases.

openssl-v0.10.79

What's Changed

• Bump actions/cache from 5.0.4 to 5.0.5 by @​dependabot[bot] in rust-openssl/rust-openssl#2610
• Try to fix OpenSSL 1.1.0l download by @​botovq in rust-openssl/rust-openssl#2614
• Require &mut BigNumContextRef for EcPointRef mul/invert by @​alex in rust-openssl/rust-openssl#2615
• Fix UB in EcGroupRef::generator on groups without a generator by @​alex in rust-openssl/rust-openssl#2617
• Replace use libc::*; with targeted imports in openssl-sys by @​alex in rust-openssl/rust-openssl#2618
• Add PKeyRef::is_a and KeyType for name-based key identification by @​reaperhulk in rust-openssl/rust-openssl#2619
• Add PKey::{public,private}_key_from_raw_bytes_ex by @​reaperhulk in rust-openssl/rust-openssl#2620
• Bump MSRV to 1.80 by @​reaperhulk in rust-openssl/rust-openssl#2622
• Drop once_cell in favor of std::sync::{LazyLock, OnceLock} by @​reaperhulk in rust-openssl/rust-openssl#2623
• Add PKey::private_key_from_seed for ML-DSA/ML-KEM key import by @​reaperhulk in rust-openssl/rust-openssl#2621
• parallelize more builds in CI for cold caches by @​reaperhulk in rust-openssl/rust-openssl#2625
• Add PKeyRef::seed_into for ML-DSA/ML-KEM seed extraction by @​reaperhulk in rust-openssl/rust-openssl#2626
• Fix process abort when verify/PSK callbacks fire after SSL_CTX swap by @​alex in rust-openssl/rust-openssl#2624
• Bind OSSL_PARAM_modified and use it for seed_into by @​reaperhulk in rust-openssl/rust-openssl#2628
• Add PkeyCtxRef::set_context_string for ML-DSA by @​reaperhulk in rust-openssl/rust-openssl#2629
• Reject non-UTF-8 OCSP responder URLs in X509Ref::ocsp_responders by @​alex in rust-openssl/rust-openssl#2631
• Fix output buffer overflow for AES key-wrap-with-padding ciphers by @​alex in rust-openssl/rust-openssl#2630
• Release openssl 0.10.79 and openssl-sys 0.9.115 by @​reaperhulk in rust-openssl/rust-openssl#2632

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.78...openssl-v0.10.79

openssl-v0.10.78

What's Changed

• Fix Suite B flag assignments in verify.rs by @​alex in rust-openssl/rust-openssl#2592
• Use cvt_p for OPENSSL_malloc error handling by @​alex in rust-openssl/rust-openssl#2593
• Mark BIO_get_mem_data on AWS-LC to be unsafe by @​alex in rust-openssl/rust-openssl#2594
• Set timeout for package installation step by @​alex in rust-openssl/rust-openssl#2595
• Panic in Crypter::new when IV is required but not provided by @​alex in rust-openssl/rust-openssl#2596
• openssl 4 support by @​reaperhulk in rust-openssl/rust-openssl#2591
• Avoid panic for overlong OIDs by @​botovq in rust-openssl/rust-openssl#2598
• Fix dangling stack pointer in custom extension add callback by @​alex in rust-openssl/rust-openssl#2599
• Add support for LibreSSL 4.3.x by @​botovq in rust-openssl/rust-openssl#2603
• fix inverted bounds assertion in AES key unwrap by @​reaperhulk in rust-openssl/rust-openssl#2604
• Reject oversized length returns from password callback trampoline by @​alex in rust-openssl/rust-openssl#2605
• Validate callback-returned lengths in PSK and cookie trampolines by @​alex in rust-openssl/rust-openssl#2607
• Error for short out in MdCtxRef::digest_final() by @​botovq in rust-openssl/rust-openssl#2608
• Check derive output buffer length on OpenSSL 1.1.x by @​alex in rust-openssl/rust-openssl#2606
• Release openssl v0.10.78 and openssl-sys v0.9.114 by @​alex in rust-openssl/rust-openssl#2609

Full Changelog: rust-openssl/rust-openssl@openssl-v0.10.77...openssl-v0.10.78

openssl-v0.10.77

What's Changed

• CI: Hash-pin all action usage, avoid credential persistence in actions/checkout by @​woodruffw in rust-openssl/rust-openssl#2587
• Bump aws-lc-sys to 0.39 by @​goffrie in rust-openssl/rust-openssl#2588
• md_ctx: enable sign/verify/reset on BoringSSL, LibreSSL, and AWS-LC by @​alex in rust-openssl/rust-openssl#2589

... (truncated)

Commits

• 649f2d9 Release openssl 0.10.79 and openssl-sys 0.9.115 (#2632)
• 257f9b2 Fix output buffer overflow for AES key-wrap-with-padding ciphers (#2630)
• d43e917 Reject non-UTF-8 OCSP responder URLs in X509Ref::ocsp_responders (#2631)
• f46519c Add PkeyCtxRef::set_context_string for ML-DSA (#2629)
• ad9ae31 Bind OSSL_PARAM_modified and use it for seed_into (#2628)
• 4e25c9b Fix process abort when verify/PSK callbacks fire after SSL_CTX swap (#2624)
• 3dd8f42 Add PKeyRef::seed_into for ML-DSA/ML-KEM seed extraction (#2626)
• 2c5e5a8 parallelize more builds in CI for cold caches (#2625)
• 6685591 Add PKey::private_key_from_seed for ML-DSA/ML-KEM key import (#2621)
• 8f8fdce Drop once_cell in favor of std::sync::{LazyLock, OnceLock} (#2623)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		Recently published: cargo openssl-sys published 3 days ago Location: Package overview From: ? → cargo/openssl-sys@0.9.115 ℹ Read more on: This package | This alert | What are recently published artifacts? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should either be allowlisted to allow recently-published versions, or an older version should be used instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore cargo/openssl-sys@0.9.115. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Recently published: cargo openssl published 3 days ago Location: Package overview From: ? → cargo/openssl@0.10.79 ℹ Read more on: This package | This alert | What are recently published artifacts? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should either be allowlisted to allow recently-published versions, or an older version should be used instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore cargo/openssl@0.10.79. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report