| From | Debian FTP Masters <ftpmaster@ftp-master.debian.org> |
|---|---|
| Newsgroups | linux.debian.changes |
| Subject | Accepted openssl 3.5.4-1~deb13u2 (source) into proposed-updates |
| Date | 2026-01-29 19:50 +0100 |
| Message-ID | <MiFfA-eh6W-23@gated-at.bofh.it> (permalink) |
| Organization | linux.* mail to news gateway |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 24 Jan 2026 16:50:07 +0100
Source: openssl
Architecture: source
Version: 3.5.4-1~deb13u2
Distribution: trixie-security
Urgency: medium
Maintainer: Debian OpenSSL Team <pkg-openssl-devel@alioth-lists.debian.net>
Changed-By: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Changes:
openssl (3.5.4-1~deb13u2) trixie-security; urgency=medium
.
* CVE-2025-11187 (Improper validation of PBMAC1 parameters in PKCS#12 MAC
verification)
* CVE-2025-15467 (Stack buffer overflow in CMS AuthEnvelopedData parsing)
* CVE-2025-15468 (NULL dereference in SSL_CIPHER_find() function on unknown
cipher ID)
* CVE-2025-15469 ("openssl dgst" one-shot codepath silently truncates inputs
>16MB)
* CVE-2025-66199 (TLS 1.3 CompressedCertificate excessive memory allocation)
* CVE-2025-68160 (Heap out-of-bounds write in BIO_f_linebuffer on short
writes)
* CVE-2025-69418 (Unauthenticated/unencrypted trailing bytes with low-level
OCB function calls)
* CVE-2025-69419 (Out of bounds write in PKCS12_get_friendlyname() UTF-8
conversion)
* CVE-2025-69420 (Missing ASN1_TYPE validation in TS_RESP_verify_response()
function)
* CVE-2025-69421 (NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex
function)
* CVE-2026-22795 (Missing ASN1_TYPE validation in PKCS#12 parsing)
* CVE-2026-22796 (ASN1_TYPE Type Confusion in the
PKCS7_digest_from_attributes() function)
Checksums-Sha1:
287729fb89e8fbfd6e544091a70b7d8e5007f5be 2707 openssl_3.5.4-1~deb13u2.dsc
b75daac8e10f189abe28a076ba5905d363e4801f 53190367 openssl_3.5.4.orig.tar.gz
5f2dc895c3124ec1a04e17f2aa679f86ec49227c 833 openssl_3.5.4.orig.tar.gz.asc
2a1f2a04b97dcdfa1622496197eb85c0207936f2 65020 openssl_3.5.4-1~deb13u2.debian.tar.xz
Checksums-Sha256:
646eb71bec0d395e564f1dd88e26ddede052200d37293bb03aa1372897b17dd8 2707 openssl_3.5.4-1~deb13u2.dsc
967311f84955316969bdb1d8d4b983718ef42338639c621ec4c34fddef355e99 53190367 openssl_3.5.4.orig.tar.gz
cfcabcfc6e43237392e0ab42e2326fceb71037036c2adaa7ecc7e251778e38f4 833 openssl_3.5.4.orig.tar.gz.asc
f9edcab4e1d849a6c29e1c7821516c19d7dead327bb78b015d07445622922437 65020 openssl_3.5.4-1~deb13u2.debian.tar.xz
Files:
18b606ea5aef77be07e92a57f4c93408 2707 utils optional openssl_3.5.4-1~deb13u2.dsc
570a7ab371147b6ba72c6d0fed93131f 53190367 utils optional openssl_3.5.4.orig.tar.gz
fc505832a9796504dcd48c14fd34c4cb 833 utils optional openssl_3.5.4.orig.tar.gz.asc
eaf4b0d539d98d82a781db1aa41c479d 65020 utils optional openssl_3.5.4-1~deb13u2.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----