Format: 1.8 Date: Wed, 31 Jan 2024 15:45:27 -0500 Source: openssl Binary: libcrypto1.1-udeb libssl-dev libssl1.1 libssl1.1-udeb openssl Architecture: i386 i386_translations Version: 1.1.1f-1ubuntu2.21 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libcrypto1.1-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb) libssl-dev - Secure Sockets Layer toolkit - development files libssl1.1 - Secure Sockets Layer toolkit - shared libraries libssl1.1-udeb - ssl shared library - udeb (udeb) openssl - Secure Sockets Layer toolkit - cryptographic utility Changes: openssl (1.1.1f-1ubuntu2.21) focal-security; urgency=medium . * SECURITY UPDATE: Excessive time spent in DH check / generation with large Q parameter value - debian/patches/CVE-2023-5678.patch: make DH_check_pub_key() and DH_generate_key() safer yet in crypto/dh/dh_check.c, crypto/dh/dh_err.c, crypto/dh/dh_key.c, crypto/err/openssl.txt, include/openssl/dh.h, include/openssl/dherr.h. - CVE-2023-5678 * SECURITY UPDATE: PKCS12 Decoding crashes - debian/patches/CVE-2024-0727.patch: add NULL checks where ContentInfo data can be NULL in crypto/pkcs12/p12_add.c, crypto/pkcs12/p12_mutl.c, crypto/pkcs12/p12_npas.c, crypto/pkcs7/pk7_mime.c. - CVE-2024-0727 Checksums-Sha1: c7668c3fdb8401bbca339592ffe672e308a890d0 1071564 libcrypto1.1-udeb_1.1.1f-1ubuntu2.21_i386.udeb 5c48649f84d4582bf92f5fbb74324bfada5ccc05 1614792 libssl-dev_1.1.1f-1ubuntu2.21_i386.deb 0491555728fa5f4307f81200db7a9816fb04fb6f 2378828 libssl1.1-dbgsym_1.1.1f-1ubuntu2.21_i386.ddeb 1b7f24862b05a925d920ebfda6ac9c36d8bd1874 207164 libssl1.1-udeb_1.1.1f-1ubuntu2.21_i386.udeb 9743b4b85a40d38bcc97402f1314c8c1102e1b53 1319480 libssl1.1_1.1.1f-1ubuntu2.21_i386.deb 84577189c5e93055be6bdd8b89f31c28ef771064 492660 openssl-dbgsym_1.1.1f-1ubuntu2.21_i386.ddeb 6b256648f5f748182fe9db4ca3d87f771a6d88d6 7380 openssl_1.1.1f-1ubuntu2.21_i386.buildinfo e590e0e04e96f3d83dccef680771ec35ffe50755 630504 openssl_1.1.1f-1ubuntu2.21_i386.deb f93699bd325fbf42a0f7f0666ed9b3660d7c5531 27508 openssl_1.1.1f-1ubuntu2.21_i386_translations.tar.gz Checksums-Sha256: bccdb7e6d6ab2894829727a404c247407b02a850ee716417b1e883cbdef0b96e 1071564 libcrypto1.1-udeb_1.1.1f-1ubuntu2.21_i386.udeb cdb6c815cc90e6a34678b7d2094aef7a1bc8ec6bd6b14f8965d871cfb40141a7 1614792 libssl-dev_1.1.1f-1ubuntu2.21_i386.deb 8d862cccc37d46f83fc31d819782a479c841937dcb159cf751dd38d7b05aaac2 2378828 libssl1.1-dbgsym_1.1.1f-1ubuntu2.21_i386.ddeb dc9dbffb5547a4bf40f9e2f949c807ba80bc64248b2924949e3f7ef2b92c4bc3 207164 libssl1.1-udeb_1.1.1f-1ubuntu2.21_i386.udeb ddd0d14f1cb1445128f61cc3e08834a9a6431582f0885a21be3cf0d1a3563784 1319480 libssl1.1_1.1.1f-1ubuntu2.21_i386.deb 6c3353863a96ef5254f1b881be4de2fa1be9c931bea4186b12434ffd30f77cc2 492660 openssl-dbgsym_1.1.1f-1ubuntu2.21_i386.ddeb feae4f60b9d95a36ce78b3f0e006826152757a5e235310a80b354b5de8a38836 7380 openssl_1.1.1f-1ubuntu2.21_i386.buildinfo a8dd614b84dfc0e87070ced6d8c6af65e7e555ab4da90380139fbb15fcb10f05 630504 openssl_1.1.1f-1ubuntu2.21_i386.deb db9ed2c172bb2af2ce4a3fc2856fa2d6a4b6c5af79dd7e5657f950720c8b1cef 27508 openssl_1.1.1f-1ubuntu2.21_i386_translations.tar.gz Files: ecdeab8ffcf2640ccef51e8d559cfe7e 1071564 debian-installer optional libcrypto1.1-udeb_1.1.1f-1ubuntu2.21_i386.udeb f58080dc97f1526b8d221eea22621bf4 1614792 libdevel optional libssl-dev_1.1.1f-1ubuntu2.21_i386.deb 41069823028a20a8ed6a4294fc1f6da5 2378828 debug optional libssl1.1-dbgsym_1.1.1f-1ubuntu2.21_i386.ddeb 1c2d1cafff82ea88b0f1e0b23333df3b 207164 debian-installer optional libssl1.1-udeb_1.1.1f-1ubuntu2.21_i386.udeb 82c17b41026007aecd9d454c6d0fa483 1319480 libs optional libssl1.1_1.1.1f-1ubuntu2.21_i386.deb bac16e5d2117262b69c9bccb18c78105 492660 debug optional openssl-dbgsym_1.1.1f-1ubuntu2.21_i386.ddeb 5efe8d826ef135b9653d843c9ba3e3bd 7380 utils optional openssl_1.1.1f-1ubuntu2.21_i386.buildinfo c6f47f89df39304ea533d1fdd92d13ac 630504 utils optional openssl_1.1.1f-1ubuntu2.21_i386.deb 2043a60f126bc7bd7edec64b2333a0c9 27508 raw-translations - openssl_1.1.1f-1ubuntu2.21_i386_translations.tar.gz Original-Maintainer: Debian OpenSSL Team