openssl 3.4.1-1ubuntu4 source package in Ubuntu
Changelog
openssl (3.4.1-1ubuntu4) plucky-security; urgency=medium
* SECURITY UPDATE: Out-of-bounds read & write in RFC 3211 KEK Unwrap
- debian/patches/CVE-2025-9230.patch: fix incorrect check of unwrapped
key size in crypto/cms/cms_pwri.c.
- CVE-2025-9230
* SECURITY UPDATE: Timing side-channel in SM2 algorithm on 64 bit ARM
- debian/patches/CVE-2025-9231-1.patch: use constant time modular
inversion in crypto/ec/ecp_sm2p256.c.
- debian/patches/CVE-2025-9231-2.patch: remove unused code in
crypto/ec/ecp_sm2p256.c.
- CVE-2025-9231
* SECURITY UPDATE: Out-of-bounds read in HTTP client no_proxy handling
- debian/patches/CVE-2025-9232.patch: add missing terminating NUL byte
in crypto/http/http_lib.c.
- CVE-2025-9232
-- Marc Deslauriers <email address hidden> Thu, 18 Sep 2025 07:07:45 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Plucky
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- utils
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Plucky | updates | main | utils | |
| Plucky | security | main | utils |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| openssl_3.4.1.orig.tar.gz | 17.5 MiB | 002a2d6b30b58bf4bea46c43bdd96365aaf8daa6c428782aa4feee06da197df3 |
| openssl_3.4.1.orig.tar.gz.asc | 833 bytes | 488c2d4051d5d27b1c0f9d21fd717630e0a2e1b82216875b2fb0fceeb0e8ea5a |
| openssl_3.4.1-1ubuntu4.debian.tar.xz | 118.9 KiB | 87a9dbfe225617ce45671dc51605f8e7b580c986688758dc7e4f6a29567e53de |
| openssl_3.4.1-1ubuntu4.dsc | 2.8 KiB | 6c0bd4568f7cb13df623eb0635d16bc070c01741145e35792311adaaf1f5c5a3 |
Available diffs
Binary packages built by this source
- libssl-dev: Secure Sockets Layer toolkit - development files
This package is part of the OpenSSL project's implementation of the SSL
and TLS cryptographic protocols for secure communication over the
Internet.
.
It contains development libraries, header files, and manpages for libssl
and libcrypto.
- libssl-doc: Secure Sockets Layer toolkit - development documentation
This package is part of the OpenSSL project's implementation of the SSL
and TLS cryptographic protocols for secure communication over the
Internet.
.
It contains manpages and demo files for libssl and libcrypto.
- libssl3t64: Secure Sockets Layer toolkit - shared libraries
This package is part of the OpenSSL project's implementation of the SSL
and TLS cryptographic protocols for secure communication over the
Internet.
.
It provides the libssl and libcrypto shared libraries.
- libssl3t64-dbgsym: debug symbols for libssl3t64
- openssl: Secure Sockets Layer toolkit - cryptographic utility
This package is part of the OpenSSL project's implementation of the SSL
and TLS cryptographic protocols for secure communication over the
Internet.
.
It contains the general-purpose command line binary /usr/bin/openssl,
useful for cryptographic operations such as:
* creating RSA, DH, and DSA key parameters;
* creating X.509 certificates, CSRs, and CRLs;
* calculating message digests;
* encrypting and decrypting with ciphers;
* testing SSL/TLS clients and servers;
* handling S/MIME signed or encrypted mail.
- openssl-dbgsym: debug symbols for openssl
- openssl-provider-legacy: Secure Sockets Layer toolkit - cryptographic utility
This package is part of the OpenSSL project's implementation of the SSL
and TLS cryptographic protocols for secure communication over the
Internet.
.
This package contains the legacy provider. The OpenSSL legacy provider
supplies OpenSSL implementations of algorithms that have been deemed legacy.
Such algorithms have commonly fallen out of use, have been deemed insecure by
the cryptography community, or something similar.
For details see OSSL_PROVIDER-legacy man page.
- openssl-provider-legacy-dbgsym: debug symbols for openssl-provider-legacy
