Format: 1.8
Date: Mon, 17 Apr 2023 15:11:39 -0300
Source: openssl
Binary: libcrypto1.1-udeb libssl-dev libssl1.1 libssl1.1-udeb openssl
Architecture: i386 i386_translations
Version: 1.1.1f-1ubuntu2.18
Distribution: focal
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lcy02-amd64-023.buildd>
Changed-By: Camila Camargo de Matos <camila.camargodematos@canonical.com>
Description:
 libcrypto1.1-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl1.1  - Secure Sockets Layer toolkit - shared libraries
 libssl1.1-udeb - ssl shared library - udeb (udeb)
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
Changes:
 openssl (1.1.1f-1ubuntu2.18) focal-security; urgency=medium
 .
   * SECURITY UPDATE: excessive resource use when verifying policy constraints
     - debian/patches/CVE-2023-0464-1.patch: limit the number of nodes created
       in a policy tree (the default limit is set to 1000 nodes).
     - debian/patches/CVE-2023-0464-2.patch: add test cases for the policy
       resource overuse.
     - debian/patches/CVE-2023-0464-3.patch: disable the policy tree
       exponential growth test conditionally.
     - CVE-2023-0464
   * SECURITY UPDATE: invalid certificate policies ignored in leaf certificates
     - debian/patches/CVE-2023-0465-1.patch: ensure that EXFLAG_INVALID_POLICY
       is checked even in leaf certs.
     - debian/patches/CVE-2023-0465-2.patch: generate some certificates with
       the certificatePolicies extension.
     - debian/patches/CVE-2023-0465-3.patch: add a certificate policies test.
     - CVE-2023-0466
   * SECURITY UPDATE: certificate policy check in X509_VERIFY_PARAM_add0_policy
     not enabled as documented
     - debian/patches/CVE-2023-0466.patch: fix documentation of
       X509_VERIFY_PARAM_add0_policy().
     - CVE-2023-0466
Checksums-Sha1:
 59672a94fe9d16b8504d1f8b0d5e6cbf30c3581f 1073012 libcrypto1.1-udeb_1.1.1f-1ubuntu2.18_i386.udeb
 f932a2de6f54b7e80bffcfbbf9f6fe10231d75a6 1615968 libssl-dev_1.1.1f-1ubuntu2.18_i386.deb
 3a267bfdcf0dbce24fb8b0c431898944bce17ad0 2386496 libssl1.1-dbgsym_1.1.1f-1ubuntu2.18_i386.ddeb
 79041c1a32aff8276712ad74756f499432b651d5 206508 libssl1.1-udeb_1.1.1f-1ubuntu2.18_i386.udeb
 058f256bf36abcdddbfebd248dc06762322e999f 1321444 libssl1.1_1.1.1f-1ubuntu2.18_i386.deb
 ea710236c1fab8ada32810bdc1ceb174d2561532 492136 openssl-dbgsym_1.1.1f-1ubuntu2.18_i386.ddeb
 7c2232f75f1b7e56574f005281bc891f1c51717b 7367 openssl_1.1.1f-1ubuntu2.18_i386.buildinfo
 73f9a94d5998819b741ec3bfbbe448ba992b016b 631140 openssl_1.1.1f-1ubuntu2.18_i386.deb
 f3ed1ae4d78ac1bccad1d5117b7b0e398599cd2c 27266 openssl_1.1.1f-1ubuntu2.18_i386_translations.tar.gz
Checksums-Sha256:
 ed59ac3df032205544541d50f48b1efac3c88a513f08a21b2a800f0888b25fee 1073012 libcrypto1.1-udeb_1.1.1f-1ubuntu2.18_i386.udeb
 4d377f2afb5f94161e2b3130d0e1af257e2bf1a47d685260793f6736ebc11d02 1615968 libssl-dev_1.1.1f-1ubuntu2.18_i386.deb
 72a36b6f0762bc1b0b852aa5bd948df421d3e1674c0bc7d0fa43e808e4be4c72 2386496 libssl1.1-dbgsym_1.1.1f-1ubuntu2.18_i386.ddeb
 b98b07719c23c685b607a88ec75d0ab62c84d06a4154408b63ab1facea32e915 206508 libssl1.1-udeb_1.1.1f-1ubuntu2.18_i386.udeb
 e1517c66a261696509cfb08d8cb5a59865a05296a40732f6e5e83bd065977d63 1321444 libssl1.1_1.1.1f-1ubuntu2.18_i386.deb
 aa05f20a9baa394244dd0fb4de0d07b713b1ef84fc0ca57d3eab223782f03596 492136 openssl-dbgsym_1.1.1f-1ubuntu2.18_i386.ddeb
 d018fbc3b03f01b9cc778c09e77b6e7ca7d4ffe480f4e8655ea1b4147219491b 7367 openssl_1.1.1f-1ubuntu2.18_i386.buildinfo
 047e5c6863a23e71cf5a12f9f22e00ffc2816a62830e3e1c08726153d2afe146 631140 openssl_1.1.1f-1ubuntu2.18_i386.deb
 b516d87ccc8a52756a779612d404c15154aca17f59a81f108e1ce571c61365e4 27266 openssl_1.1.1f-1ubuntu2.18_i386_translations.tar.gz
Files:
 1c93921c47e60724db5fdfdce47afbbe 1073012 debian-installer optional libcrypto1.1-udeb_1.1.1f-1ubuntu2.18_i386.udeb
 34aa85ea803284b76aebd87097c24d55 1615968 libdevel optional libssl-dev_1.1.1f-1ubuntu2.18_i386.deb
 40637adf74a7483f171d66daf9c9986b 2386496 debug optional libssl1.1-dbgsym_1.1.1f-1ubuntu2.18_i386.ddeb
 24e80a42139c52730b45aaf38aa3997c 206508 debian-installer optional libssl1.1-udeb_1.1.1f-1ubuntu2.18_i386.udeb
 7bbd5d436590c55d0cf83b665e3fb7d9 1321444 libs optional libssl1.1_1.1.1f-1ubuntu2.18_i386.deb
 71376ceb49fd51233f9d5cbd7be5cd36 492136 debug optional openssl-dbgsym_1.1.1f-1ubuntu2.18_i386.ddeb
 974e8bfaa3dbbd806446dc8e0408a9fe 7367 utils optional openssl_1.1.1f-1ubuntu2.18_i386.buildinfo
 94f55f5be2a995f2365e8a17e9b86b04 631140 utils optional openssl_1.1.1f-1ubuntu2.18_i386.deb
 ea5127989ec6a8117aeab737cbdf9bb8 27266 raw-translations - openssl_1.1.1f-1ubuntu2.18_i386_translations.tar.gz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>