Ubuntu
openssl package

openssl 3.0.7-1ubuntu1 source package in Ubuntu

Changelog

openssl (3.0.7-1ubuntu1) lunar; urgency=medium

  * Merge 3.0.7 from Debian unstable (LP: #1998942)
    - Drop patches merged upstream:
      + CVE-2022-3358.patch
      + CVE-2022-3602-1.patch
      + CVE-2022-3602-2.patch
    - Shrink patch since upstream fixed some tests in the patch above:
      + tests-use-seclevel-1.patch
    - Drop patch since -DOPENSSL_TLS_SECURITY_LEVEL=2 is now hard-coded:
      + Set-systemwide-default-settings-for-libssl-users.patch
    - Drop Debian patch not needed anymore:
      + TEST-Provide-a-default-openssl.cnf-for-tests.patch
    - Mention Debian as defaulting to SECLEVEL=2 in addition to Ubuntu:
      + tls1.2-min-seclevel2.patch
    - Remaining changes:
      + Symlink changelog{,.Debian}.gz and copyright.gz from libssl-dev to
        openssl
      + d/libssl3.postinst: Revert Debian deletion
        - Skip services restart & reboot notification if needrestart is in-use.
        - Bump version check to 1.1.1 (bug opened as LP: #1999139)
        - Use a different priority for libssl1.1/restart-services depending
          on whether a desktop, or server dist-upgrade is being performed.
        - Import libraries/restart-without-asking template as used by above.
      + Add support for building with noudeb build profile.
      + Use perl:native in the autopkgtest for installability on i386.
  * Correct comment as to which TLS version is disabled with our seclevel:
    - skip_tls1.1_seclevel3_tests.patch

  [Sebastian Andrzej Siewior]
  * CVE-2022-3996 (X.509 Policy Constraints Double Locking).

openssl (3.0.7-1) unstable; urgency=medium

  * Import 3.0.7
    - Using a Custom Cipher with NID_undef may lead to NULL encryption
      (CVE-2022-3358) (Closes: #1021620).
    - X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602).
    - X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786).
  * Disable rdrand engine (the opcode on x86).
  * Remove config bits for MIPS R6, the generic MIPS config can be used.

openssl (3.0.5-4) unstable; urgency=medium

  * Add ssl_conf() serialisation (Closes: #1020308).

openssl (3.0.5-3) unstable; urgency=medium

  * Add cert.pem symlink pointing to ca-certificates' ca-certificates.crt
   (Closes: #805646).
  * Compile with OPENSSL_TLS_SECURITY_LEVEL=2 (Closes: #918727).

 -- Adrien Nader <email address hidden>  Tue, 06 Dec 2022 15:11:40 +0100

Upload details

Uploaded by:
Adrien Nader
Sponsored by:
Simon Chopin
Uploaded to:
Lunar
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
utils
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
openssl_3.0.7.orig.tar.gz 14.4 MiB 83049d042a260e696f62406ac5c08bf706fd84383f945cf21bd61e9ed95c396e
openssl_3.0.7.orig.tar.gz.asc 858 bytes 18be1d820b25ed5c7d8efe4fdba0b947925273ca114bbd78faecbd99a52df203
openssl_3.0.7-1ubuntu1.debian.tar.xz 103.5 KiB 10f3af70358b3120364c3588873b0b7e56bdab1fc8f4d3de3156eb817f88f74c
openssl_3.0.7-1ubuntu1.dsc 2.5 KiB db6e96457ed02649cd50e9a740882cae25eb62865c6f62a61f55800754b5e513

View changes file

Binary packages built by this source

libssl-dev: Secure Sockets Layer toolkit - development files

 This package is part of the OpenSSL project's implementation of the SSL
 and TLS cryptographic protocols for secure communication over the
 Internet.
 .
 It contains development libraries, header files, and manpages for libssl
 and libcrypto.

libssl-doc: Secure Sockets Layer toolkit - development documentation

 This package is part of the OpenSSL project's implementation of the SSL
 and TLS cryptographic protocols for secure communication over the
 Internet.
 .
 It contains manpages and demo files for libssl and libcrypto.

libssl3: Secure Sockets Layer toolkit - shared libraries

 This package is part of the OpenSSL project's implementation of the SSL
 and TLS cryptographic protocols for secure communication over the
 Internet.
 .
 It provides the libssl and libcrypto shared libraries.

libssl3-dbgsym: debug symbols for libssl3
openssl: Secure Sockets Layer toolkit - cryptographic utility

 This package is part of the OpenSSL project's implementation of the SSL
 and TLS cryptographic protocols for secure communication over the
 Internet.
 .
 It contains the general-purpose command line binary /usr/bin/openssl,
 useful for cryptographic operations such as:
  * creating RSA, DH, and DSA key parameters;
  * creating X.509 certificates, CSRs, and CRLs;
  * calculating message digests;
  * encrypting and decrypting with ciphers;
  * testing SSL/TLS clients and servers;
  * handling S/MIME signed or encrypted mail.

openssl-dbgsym: debug symbols for openssl