Format: 1.8 Date: Thu, 25 Mar 2021 11:44:30 -0400 Source: openssl Binary: libssl-dev libssl1.1 openssl Built-For-Profiles: noudeb Architecture: riscv64 riscv64_translations Version: 1.1.1j-1ubuntu3 Distribution: hirsute-proposed Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libssl-dev - Secure Sockets Layer toolkit - development files libssl1.1 - Secure Sockets Layer toolkit - shared libraries openssl - Secure Sockets Layer toolkit - cryptographic utility Changes: openssl (1.1.1j-1ubuntu3) hirsute; urgency=medium . * SECURITY UPDATE: NULL pointer deref in signature_algorithms processing - debian/patches/CVE-2021-3449-1.patch: fix NULL pointer dereference in ssl/statem/extensions.c. - debian/patches/CVE-2021-3449-2.patch: teach TLSProxy how to encrypt <= TLSv1.2 ETM records in util/perl/TLSProxy/Message.pm. - debian/patches/CVE-2021-3449-3.patch: add a test to test/recipes/70-test_renegotiation.t. - debian/patches/CVE-2021-3449-4.patch: ensure buffer/length pairs are always in sync in ssl/s3_lib.c, ssl/ssl_lib.c, ssl/statem/extensions.c, ssl/statem/extensions_clnt.c, ssl/statem/statem_clnt.c, ssl/statem/statem_srvr.c. - CVE-2021-3449 * SECURITY UPDATE: CA cert check bypass with X509_V_FLAG_X509_STRICT - debian/patches/CVE-2021-3450-1.patch: do not override error return value by check_curve in crypto/x509/x509_vfy.c, test/verify_extra_test.c. - debian/patches/CVE-2021-3450-2.patch: fix return code check in crypto/x509/x509_vfy.c. - CVE-2021-3450 Checksums-Sha1: 32956172d11958738bca6435f163260b463580b6 2545380 libssl-dev_1.1.1j-1ubuntu3_riscv64.deb 2b1ac48b2c9ec1887cdb9b4ca20861c6fe0d0190 2799044 libssl1.1-dbgsym_1.1.1j-1ubuntu3_riscv64.ddeb 6304aa641d943b14e43e634024e70a6016988e71 973012 libssl1.1_1.1.1j-1ubuntu3_riscv64.deb 439b2ad046951ab214f229c0a2bc1915f89e7245 532960 openssl-dbgsym_1.1.1j-1ubuntu3_riscv64.ddeb afbb9a31acd7b6ae68572a66f86db61e526c1d5b 6931 openssl_1.1.1j-1ubuntu3_riscv64.buildinfo 51528a9775d4035847c63b7c0d83a51c8aa860b6 595140 openssl_1.1.1j-1ubuntu3_riscv64.deb c0af9a59d34f5f3a3b9863fce942f48cac584048 27730 openssl_1.1.1j-1ubuntu3_riscv64_translations.tar.gz Checksums-Sha256: 41751d65a3c53cf17cc6a9e903cf65c99b744c30ffa3ac76ba2dcba0dba92283 2545380 libssl-dev_1.1.1j-1ubuntu3_riscv64.deb ad6903710305e6a320a89ba018de89e9e43af0827f9c2982e984b715a1d838e6 2799044 libssl1.1-dbgsym_1.1.1j-1ubuntu3_riscv64.ddeb beabb827f50a2c6942255443e0f9a107b8c2d907ac8678afb4ca6efd23c647e5 973012 libssl1.1_1.1.1j-1ubuntu3_riscv64.deb e131c7b8423af788bc4343cee1cb95cb29f01053bcfb1596219dd1c3369200ea 532960 openssl-dbgsym_1.1.1j-1ubuntu3_riscv64.ddeb cc057bac4dfe3ccad1a2e45dc1fd7a9b5909d92741f0058cb2ee1d0e76679435 6931 openssl_1.1.1j-1ubuntu3_riscv64.buildinfo 7927209bc411cc3d5eae0a8f83e40d1833ee6e862887016a794bc69acb94223c 595140 openssl_1.1.1j-1ubuntu3_riscv64.deb 52990b15f12684e1b7dcecab6c208804d12bf78a2e8cd99e1fb3835fe1e4fc31 27730 openssl_1.1.1j-1ubuntu3_riscv64_translations.tar.gz Files: e29a02d36c23c323ae5c11a483680332 2545380 libdevel optional libssl-dev_1.1.1j-1ubuntu3_riscv64.deb 3c61d3421feb2dc505525dc86f64fe06 2799044 debug optional libssl1.1-dbgsym_1.1.1j-1ubuntu3_riscv64.ddeb 6258049b91d33c5a5fd1406d6932c0d4 973012 libs optional libssl1.1_1.1.1j-1ubuntu3_riscv64.deb 8a28d29a65c6b3969d42a977cae82430 532960 debug optional openssl-dbgsym_1.1.1j-1ubuntu3_riscv64.ddeb b88e0f56ae861be26c70f17ed1ebbbe8 6931 utils optional openssl_1.1.1j-1ubuntu3_riscv64.buildinfo 7adaacb47b8bf8a8c15a54294069866e 595140 utils optional openssl_1.1.1j-1ubuntu3_riscv64.deb 18a8c0b5e438cbd4a85b39ab69190c5f 27730 raw-translations - openssl_1.1.1j-1ubuntu3_riscv64_translations.tar.gz Original-Maintainer: Debian OpenSSL Team