Format: 1.8 Date: Wed, 31 Jan 2024 15:45:27 -0500 Source: openssl Binary: libcrypto1.1-udeb libssl-dev libssl1.1 libssl1.1-udeb openssl Architecture: armhf armhf_translations Version: 1.1.1f-1ubuntu2.21 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libcrypto1.1-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb) libssl-dev - Secure Sockets Layer toolkit - development files libssl1.1 - Secure Sockets Layer toolkit - shared libraries libssl1.1-udeb - ssl shared library - udeb (udeb) openssl - Secure Sockets Layer toolkit - cryptographic utility Changes: openssl (1.1.1f-1ubuntu2.21) focal-security; urgency=medium . * SECURITY UPDATE: Excessive time spent in DH check / generation with large Q parameter value - debian/patches/CVE-2023-5678.patch: make DH_check_pub_key() and DH_generate_key() safer yet in crypto/dh/dh_check.c, crypto/dh/dh_err.c, crypto/dh/dh_key.c, crypto/err/openssl.txt, include/openssl/dh.h, include/openssl/dherr.h. - CVE-2023-5678 * SECURITY UPDATE: PKCS12 Decoding crashes - debian/patches/CVE-2024-0727.patch: add NULL checks where ContentInfo data can be NULL in crypto/pkcs12/p12_add.c, crypto/pkcs12/p12_mutl.c, crypto/pkcs12/p12_npas.c, crypto/pkcs7/pk7_mime.c. - CVE-2024-0727 Checksums-Sha1: e8f36d88a499d50338ffde815e3b575084e028c0 889292 libcrypto1.1-udeb_1.1.1f-1ubuntu2.21_armhf.udeb 279925c168c6948ee577d0537a222500953a0014 1383000 libssl-dev_1.1.1f-1ubuntu2.21_armhf.deb a9108868fe4e4255576f54c406e932acba7f8b9d 2846000 libssl1.1-dbgsym_1.1.1f-1ubuntu2.21_armhf.ddeb f15508237865c68f031eba76b74a4e8251d22d19 156092 libssl1.1-udeb_1.1.1f-1ubuntu2.21_armhf.udeb c6b685362699434258af33189470dfcf66c471bc 1083804 libssl1.1_1.1.1f-1ubuntu2.21_armhf.deb 602d42ebcd9632b30848cfae09b830541c24a95d 522312 openssl-dbgsym_1.1.1f-1ubuntu2.21_armhf.ddeb 214e5e7631116a509327c0c9ce0fe7d4f41a7ac2 7331 openssl_1.1.1f-1ubuntu2.21_armhf.buildinfo 417c67e5fd044dfde9d2bb3ec5486f72b48c0d18 597328 openssl_1.1.1f-1ubuntu2.21_armhf.deb 04885eb45af71ff41648b8067f401a0534f1aa83 27377 openssl_1.1.1f-1ubuntu2.21_armhf_translations.tar.gz Checksums-Sha256: 01c6ee6eed2d2dfa6941de9683aaf9a4852c1484e9094c4b4b334297cebeb99a 889292 libcrypto1.1-udeb_1.1.1f-1ubuntu2.21_armhf.udeb 94a9dd72edf5aad8f793cc0fc7b60786b0e4ef440c93efdcc68474e6a9c5ea81 1383000 libssl-dev_1.1.1f-1ubuntu2.21_armhf.deb 1b1f3e98bf6f1aa83f26679a0a186b55a65ed4c96de4fd9ed6110a619f3fbce7 2846000 libssl1.1-dbgsym_1.1.1f-1ubuntu2.21_armhf.ddeb baf69d409935a5df313ca16613e1ca7e4edcdce85d143a3d9965d4ad6cd345dd 156092 libssl1.1-udeb_1.1.1f-1ubuntu2.21_armhf.udeb df2aafb0e34251df43393efd1e8f73bd0017ad0ad0d76a9ab0163ffdd3257d36 1083804 libssl1.1_1.1.1f-1ubuntu2.21_armhf.deb 8250f542432463c2e92aa02ccb6bbf8ba6624ef1566e42706300a2c53f969706 522312 openssl-dbgsym_1.1.1f-1ubuntu2.21_armhf.ddeb 0b95c7c86663dc926f31ca53d109fd19443e04a18f8ad96745fba2776b4ffb23 7331 openssl_1.1.1f-1ubuntu2.21_armhf.buildinfo 79b6992578a424f6d9c1b3fca8576c55ffe49e10c7430062b739c281375f572c 597328 openssl_1.1.1f-1ubuntu2.21_armhf.deb 1b251bac92e0e4a5be337bd864223cbe3c756960f8b77aa72032875bf88897b9 27377 openssl_1.1.1f-1ubuntu2.21_armhf_translations.tar.gz Files: 0d70349cf5a552530e0f065698113d7e 889292 debian-installer optional libcrypto1.1-udeb_1.1.1f-1ubuntu2.21_armhf.udeb 6e3a324028bd5ea56dab0f36d60b3372 1383000 libdevel optional libssl-dev_1.1.1f-1ubuntu2.21_armhf.deb bad4e7238027130c27c372b86493039f 2846000 debug optional libssl1.1-dbgsym_1.1.1f-1ubuntu2.21_armhf.ddeb 27c8c6520f7bda271d5462a4cfb8bad3 156092 debian-installer optional libssl1.1-udeb_1.1.1f-1ubuntu2.21_armhf.udeb 2ae6e97f3c36bede17d7630edc62897e 1083804 libs optional libssl1.1_1.1.1f-1ubuntu2.21_armhf.deb 842ad60bbbec8e35b6aa8e17c3a3fe4d 522312 debug optional openssl-dbgsym_1.1.1f-1ubuntu2.21_armhf.ddeb dee4ff45ba7f64bfd675ed8e177ceeca 7331 utils optional openssl_1.1.1f-1ubuntu2.21_armhf.buildinfo e03d46a86bdb010750e4ad2764777190 597328 utils optional openssl_1.1.1f-1ubuntu2.21_armhf.deb 0d6f1d46bc331366c93bc88e0f7ced62 27377 raw-translations - openssl_1.1.1f-1ubuntu2.21_armhf_translations.tar.gz Original-Maintainer: Debian OpenSSL Team