Format: 1.8 Date: Mon, 17 Apr 2023 15:12:58 -0300 Source: openssl Binary: libssl-dev libssl3 openssl Built-For-Profiles: noudeb Architecture: i386 i386_translations Version: 3.0.2-0ubuntu1.9 Distribution: jammy Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Camila Camargo de Matos Description: libssl-dev - Secure Sockets Layer toolkit - development files libssl3 - Secure Sockets Layer toolkit - shared libraries openssl - Secure Sockets Layer toolkit - cryptographic utility Changes: openssl (3.0.2-0ubuntu1.9) jammy-security; urgency=medium . * SECURITY UPDATE: double locking when processing X.509 certificate policy constraints - debian/patches/CVE-2022-3996-1.patch: revert commit 9aa4be69 and remove redundant flag setting. - debian/patches/CVE-2022-3996-2.patch: add test case for reported deadlock. - CVE-2022-3996 * SECURITY UPDATE: excessive resource use when verifying policy constraints - debian/patches/CVE-2023-0464-1.patch: limit the number of nodes created in a policy tree (the default limit is set to 1000 nodes). - debian/patches/CVE-2023-0464-2.patch: add test cases for the policy resource overuse. - debian/patches/CVE-2023-0464-3.patch: disable the policy tree exponential growth test conditionally. - CVE-2023-0464 * SECURITY UPDATE: invalid certificate policies ignored in leaf certificates - debian/patches/CVE-2023-0465-1.patch: ensure that EXFLAG_INVALID_POLICY is checked even in leaf certs. - debian/patches/CVE-2023-0465-2.patch: generate some certificates with the certificatePolicies extension. - debian/patches/CVE-2023-0465-3.patch: add a certificate policies test. - CVE-2023-0466 * SECURITY UPDATE: certificate policy check in X509_VERIFY_PARAM_add0_policy not enabled as documented - debian/patches/CVE-2023-0466.patch: fix documentation of X509_VERIFY_PARAM_add0_policy(). - CVE-2023-0466 Checksums-Sha1: b48364158f9d1292c2422264b6f31c8310f744f5 2443500 libssl-dev_3.0.2-0ubuntu1.9_i386.deb 6f791a7dede8d1bfdca8a8193a51c53692fbcf80 3709792 libssl3-dbgsym_3.0.2-0ubuntu1.9_i386.ddeb 4d41f2ee1ce8ffc32c44ffd9bf5b277095276df8 1943472 libssl3_3.0.2-0ubuntu1.9_i386.deb 55be545adc7a6ed3752849df1d8408610cfb3bd4 608074 openssl-dbgsym_3.0.2-0ubuntu1.9_i386.ddeb 6593e871d632276fdcfc6503172b7d348a90f799 7198 openssl_3.0.2-0ubuntu1.9_i386.buildinfo 31ccf1481af05c6048c6480238e36658037dbf1f 1190044 openssl_3.0.2-0ubuntu1.9_i386.deb 841451af73a26f80014323978d1e56dc1fe8aecc 27265 openssl_3.0.2-0ubuntu1.9_i386_translations.tar.gz Checksums-Sha256: 090cf72bbcb907267347802059d99f71333f9f48fdbdffe7d42bf76d2fb47f52 2443500 libssl-dev_3.0.2-0ubuntu1.9_i386.deb 9f6d645d5e13631c94611c9521036648ac1b21abadacb520b352c23e88232d27 3709792 libssl3-dbgsym_3.0.2-0ubuntu1.9_i386.ddeb 14701e47814ab1728e7a9a63b133c011b442f2ebd8b2fc96f573657798dbd0e1 1943472 libssl3_3.0.2-0ubuntu1.9_i386.deb b5bb8192a2a44bd50499590eb60f12cb63fa2373ccc0b5275eb7fd420427c4ce 608074 openssl-dbgsym_3.0.2-0ubuntu1.9_i386.ddeb aa033bf46933716ba0b2a2ac79784baa23c86abac1bb6939e0ff7adb0a90dfbe 7198 openssl_3.0.2-0ubuntu1.9_i386.buildinfo 63e6f398c0e577d3b9f2126fe87957271ed4e035cbebd25017cb1b79226b5889 1190044 openssl_3.0.2-0ubuntu1.9_i386.deb 051e7ca398db9de793216e39f323429cad5d53d00297563481b7ae2f2d6d9fab 27265 openssl_3.0.2-0ubuntu1.9_i386_translations.tar.gz Files: 206639a94e89647de0aa7c7c1413ac5b 2443500 libdevel optional libssl-dev_3.0.2-0ubuntu1.9_i386.deb 3964bdefab6a6dc3e5c8a1917415bcb1 3709792 debug optional libssl3-dbgsym_3.0.2-0ubuntu1.9_i386.ddeb e3743ba467563199c8a9137d1e92ddf7 1943472 libs optional libssl3_3.0.2-0ubuntu1.9_i386.deb 80a6d6064cc80aab279ee9963e8f6812 608074 debug optional openssl-dbgsym_3.0.2-0ubuntu1.9_i386.ddeb 3f6d08e53cb88b05f37137390889a9a7 7198 utils optional openssl_3.0.2-0ubuntu1.9_i386.buildinfo d3b0a8918d98233d406ce2dee6e54626 1190044 utils optional openssl_3.0.2-0ubuntu1.9_i386.deb 098eb3116f69b4262dcf8b9107e50329 27265 raw-translations - openssl_3.0.2-0ubuntu1.9_i386_translations.tar.gz Original-Maintainer: Debian OpenSSL Team