Ubuntu
openssl package

openssl 1.1.1k-1ubuntu1 source package in Ubuntu

Changelog

openssl (1.1.1k-1ubuntu1) impish; urgency=low

  * Merge from Debian unstable (LP: #1939544). Remaining changes:
    - Replace duplicate files in the doc directory with symlinks.
    - debian/libssl1.1.postinst:
      + Display a system restart required notification on libssl1.1
        upgrade on servers, unless needrestart is available.
      + Use a different priority for libssl1.1/restart-services depending
        on whether a desktop, or server dist-upgrade is being performed.
      + Skip services restart & reboot notification if needrestart is in-use.
      + Bump version check to to 1.1.1.
      + Import libraries/restart-without-asking template as used by above.
    - Revert "Enable system default config to enforce TLS1.2 as a
      minimum" & "Increase default security level from 1 to 2".
    - Reword the NEWS entry, as applicable on Ubuntu.
    - Cherrypick s390x SIMD acceleration patches for poly1305 and chacha20
      and ECC from master.
    - Use perl:native in the autopkgtest for installability on i386.
    - Set OPENSSL_TLS_SECURITY_LEVEL=2 as compiled-in minimum security
      level. Change meaning of SECURITY_LEVEL=2 to prohibit TLS versions
      below 1.2 and update documentation. Previous default of 1, can be set
      by calling SSL_CTX_set_security_level(), SSL_set_security_level() or
      using ':@SECLEVEL=1' CipherString value in openssl.cfg.
    - Import https://github.com/openssl/openssl/pull/12272.patch to enable
      CET.
    - Add support for building with noudeb build profile.
  * Dropped changes, superseded upstream:
    - SECURITY UPDATE: NULL pointer deref in signature_algorithms processing
      -> CVE-2021-3449
    - SECURITY UPDATE: CA cert check bypass with X509_V_FLAG_X509_STRICT
      -> CVE-2021-3450

openssl (1.1.1k-1) unstable; urgency=medium

  * New upstream version.
    - CVE-2021-3450 (CA certificate check bypass with X509_V_FLAG_X509_STRICT).
    - CVE-2021-3449 (NULL pointer deref in signature_algorithms processing).

 -- Simon Chopin <email address hidden>  Wed, 11 Aug 2021 13:00:48 +0200

Upload details

Uploaded by:
Simon Chopin
Sponsored by:
Julian Andres Klode
Uploaded to:
Impish
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
utils
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
openssl_1.1.1k.orig.tar.gz 9.4 MiB 892a0875b9872acd04a9fde79b1f943075d5ea162415de3047c327df33fbaee5
openssl_1.1.1k.orig.tar.gz.asc 488 bytes addeaa197444a62c6063d7f819512c2c22b42141dec9d8ec3bff7e4518e1d1c9
openssl_1.1.1k-1ubuntu1.debian.tar.xz 143.6 KiB c63bc1377eceb3a69a9ca4d2e1b5532ff92e6daf73f582dd143479b4775a3068
openssl_1.1.1k-1ubuntu1.dsc 2.7 KiB 8b8ebce487b0ab6c9df73e3c80805eb03a008920e943861d9b83e18a25b57ff2

View changes file

Binary packages built by this source

libssl-dev: No summary available for libssl-dev in ubuntu impish.

No description available for libssl-dev in ubuntu impish.

libssl-doc: No summary available for libssl-doc in ubuntu impish.

No description available for libssl-doc in ubuntu impish.

libssl1.1: No summary available for libssl1.1 in ubuntu impish.

No description available for libssl1.1 in ubuntu impish.

libssl1.1-dbgsym: No summary available for libssl1.1-dbgsym in ubuntu impish.

No description available for libssl1.1-dbgsym in ubuntu impish.

openssl: No summary available for openssl in ubuntu impish.

No description available for openssl in ubuntu impish.

openssl-dbgsym: No summary available for openssl-dbgsym in ubuntu impish.

No description available for openssl-dbgsym in ubuntu impish.