Commit 2c39003b2a for openssl.org

commit 2c39003b2ad3938deff12f4f4a14e445a9a147d2
Author: Pauli <paul.dale@oracle.com>
Date:   Sun Mar 8 21:24:23 2026 +1100

    Change free call to secure free call.

    Freeing secure memory using OPENSSL_free causes badness.  Use the proper
    free call instead.

    Fixes #30302

    Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
    Reviewed-by: Neil Horman <nhorman@openssl.org>
    Reviewed-by: Tomas Mraz <tomas@openssl.org>
    Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
    MergeDate: Tue Mar 10 15:08:36 2026
    (Merged from https://github.com/openssl/openssl/pull/30305)

diff --git a/crypto/ml_dsa/ml_dsa_key.c b/crypto/ml_dsa/ml_dsa_key.c
index fdbd3eec6c..18a520dba7 100644
--- a/crypto/ml_dsa/ml_dsa_key.c
+++ b/crypto/ml_dsa/ml_dsa_key.c
@@ -492,7 +492,7 @@ int ossl_ml_dsa_generate_key(ML_DSA_KEY *out)
                 "explicit %s private key does not match seed",
                 out->params->alg);
         }
-        OPENSSL_free(sk);
+        OPENSSL_secure_clear_free(sk, out->params->sk_len);
     }
     return ret;
 }