Publishing details

• Created on 2023-01-23 by Ubuntu Archive Auto-Sync
• Removed from disk on 2023-03-18.
• Removal requested on 2023-03-17.
• Superseded on 2023-03-16 by openssl - 3.0.8-1ubuntu1
• Published on 2023-01-23

Changelog

openssl (3.0.7-1ubuntu1) lunar; urgency=medium

  * Merge 3.0.7 from Debian unstable (LP: #1998942)
    - Drop patches merged upstream:
      + CVE-2022-3358.patch
      + CVE-2022-3602-1.patch
      + CVE-2022-3602-2.patch
    - Shrink patch since upstream fixed some tests in the patch above:
      + tests-use-seclevel-1.patch
    - Drop patch since -DOPENSSL_TLS_SECURITY_LEVEL=2 is now hard-coded:
      + Set-systemwide-default-settings-for-libssl-users.patch
    - Drop Debian patch not needed anymore:
      + TEST-Provide-a-default-openssl.cnf-for-tests.patch
    - Mention Debian as defaulting to SECLEVEL=2 in addition to Ubuntu:
      + tls1.2-min-seclevel2.patch
    - Remaining changes:
      + Symlink changelog{,.Debian}.gz and copyright.gz from libssl-dev to
        openssl
      + d/libssl3.postinst: Revert Debian deletion
        - Skip services restart & reboot notification if needrestart is in-use.
        - Bump version check to 1.1.1 (bug opened as LP: #1999139)
        - Use a different priority for libssl1.1/restart-services depending
          on whether a desktop, or server dist-upgrade is being performed.
        - Import libraries/restart-without-asking template as used by above.
      + Add support for building with noudeb build profile.
      + Use perl:native in the autopkgtest for installability on i386.
  * Correct comment as to which TLS version is disabled with our seclevel:
    - skip_tls1.1_seclevel3_tests.patch

  [Sebastian Andrzej Siewior]
  * CVE-2022-3996 (X.509 Policy Constraints Double Locking).

openssl (3.0.7-1) unstable; urgency=medium

  * Import 3.0.7
    - Using a Custom Cipher with NID_undef may lead to NULL encryption
      (CVE-2022-3358) (Closes: #1021620).
    - X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602).
    - X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786).
  * Disable rdrand engine (the opcode on x86).
  * Remove config bits for MIPS R6, the generic MIPS config can be used.

openssl (3.0.5-4) unstable; urgency=medium

  * Add ssl_conf() serialisation (Closes: #1020308).

openssl (3.0.5-3) unstable; urgency=medium

  * Add cert.pem symlink pointing to ca-certificates' ca-certificates.crt
   (Closes: #805646).
  * Compile with OPENSSL_TLS_SECURITY_LEVEL=2 (Closes: #918727).

 -- Adrien Nader <email address hidden>  Tue, 06 Dec 2022 15:11:40 +0100

Builds

• amd64
• arm64
• armhf
• i386
• ppc64el
• riscv64
• s390x

Package files

• libssl-dev_3.0.7-1ubuntu1_amd64.deb (2.3 MiB)
• libssl-dev_3.0.7-1ubuntu1_arm64.deb (2.2 MiB)
• libssl-dev_3.0.7-1ubuntu1_armhf.deb (2.0 MiB)
• libssl-dev_3.0.7-1ubuntu1_i386.deb (2.3 MiB)
• libssl-dev_3.0.7-1ubuntu1_ppc64el.deb (2.5 MiB)
• libssl-dev_3.0.7-1ubuntu1_riscv64.deb (4.2 MiB)
• libssl-dev_3.0.7-1ubuntu1_s390x.deb (1.9 MiB)
• libssl-doc_3.0.7-1ubuntu1_all.deb (2.0 MiB)
• libssl3-dbgsym_3.0.7-1ubuntu1_amd64.ddeb (4.8 MiB)
• libssl3-dbgsym_3.0.7-1ubuntu1_arm64.ddeb (4.6 MiB)
• libssl3-dbgsym_3.0.7-1ubuntu1_armhf.ddeb (4.2 MiB)
• libssl3-dbgsym_3.0.7-1ubuntu1_i386.ddeb (3.5 MiB)
• libssl3-dbgsym_3.0.7-1ubuntu1_ppc64el.ddeb (5.4 MiB)
• libssl3-dbgsym_3.0.7-1ubuntu1_riscv64.ddeb (4.3 MiB)
• libssl3-dbgsym_3.0.7-1ubuntu1_s390x.ddeb (4.6 MiB)
• libssl3_3.0.7-1ubuntu1_amd64.deb (1.8 MiB)
• libssl3_3.0.7-1ubuntu1_arm64.deb (1.7 MiB)
• libssl3_3.0.7-1ubuntu1_armhf.deb (1.5 MiB)
• libssl3_3.0.7-1ubuntu1_i386.deb (1.8 MiB)
• libssl3_3.0.7-1ubuntu1_ppc64el.deb (2.0 MiB)
• libssl3_3.0.7-1ubuntu1_riscv64.deb (1.4 MiB)
• libssl3_3.0.7-1ubuntu1_s390x.deb (1.5 MiB)
• openssl-dbgsym_3.0.7-1ubuntu1_amd64.ddeb (733.3 KiB)
• openssl-dbgsym_3.0.7-1ubuntu1_arm64.ddeb (734.5 KiB)
• openssl-dbgsym_3.0.7-1ubuntu1_armhf.ddeb (644.2 KiB)
• openssl-dbgsym_3.0.7-1ubuntu1_i386.ddeb (584.3 KiB)
• openssl-dbgsym_3.0.7-1ubuntu1_ppc64el.ddeb (803.8 KiB)
• openssl-dbgsym_3.0.7-1ubuntu1_riscv64.ddeb (654.9 KiB)
• openssl-dbgsym_3.0.7-1ubuntu1_s390x.ddeb (713.7 KiB)
• openssl_3.0.7-1ubuntu1.debian.tar.xz (103.5 KiB)
• openssl_3.0.7-1ubuntu1.dsc (2.5 KiB)
• openssl_3.0.7-1ubuntu1_amd64.deb (1.1 MiB)
• openssl_3.0.7-1ubuntu1_arm64.deb (1.1 MiB)
• openssl_3.0.7-1ubuntu1_armhf.deb (1.1 MiB)
• openssl_3.0.7-1ubuntu1_i386.deb (1.1 MiB)
• openssl_3.0.7-1ubuntu1_ppc64el.deb (1.1 MiB)
• openssl_3.0.7-1ubuntu1_riscv64.deb (1.1 MiB)
• openssl_3.0.7-1ubuntu1_s390x.deb (1.1 MiB)
• openssl_3.0.7.orig.tar.gz (14.4 MiB)
• openssl_3.0.7.orig.tar.gz.asc (858 bytes)