Copied from
ubuntu jammy in
Private PPA for Ubuntu Security Team
by Marc Deslauriers
Changelog
openssl (3.0.2-0ubuntu1.7) jammy-security; urgency=medium
* SECURITY UPDATE: X.509 Email Address Buffer Overflow
- debian/patches/CVE-2022-3602-1.patch: fix off by one in punycode
decoder in crypto/punycode.c, test/build.info, test/punycode_test.c,
test/recipes/04-test_punycode.t.
- debian/patches/CVE-2022-3602-2.patch: ensure the result is zero
terminated in crypto/punycode.c.
- CVE-2022-3602
* SECURITY UPDATE: legacy custom cipher issue
- debian/patches/CVE-2022-3358.patch: fix usage of custom EVP_CIPHER
objects in crypto/evp/digest.c, crypto/evp/evp_enc.c.
- CVE-2022-3358
-- Marc Deslauriers <email address hidden> Thu, 27 Oct 2022 13:06:56 -0400