Format: 1.8
Date: Mon, 17 Apr 2023 15:12:58 -0300
Source: openssl
Binary: libssl-dev libssl3 openssl
Built-For-Profiles: noudeb
Architecture: s390x s390x_translations
Version: 3.0.2-0ubuntu1.9
Distribution: jammy
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-s390x-005.buildd>
Changed-By: Camila Camargo de Matos <camila.camargodematos@canonical.com>
Description:
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl3    - Secure Sockets Layer toolkit - shared libraries
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
Changes:
 openssl (3.0.2-0ubuntu1.9) jammy-security; urgency=medium
 .
   * SECURITY UPDATE: double locking when processing X.509 certificate policy
     constraints
     - debian/patches/CVE-2022-3996-1.patch: revert commit 9aa4be69 and remove
       redundant flag setting.
     - debian/patches/CVE-2022-3996-2.patch: add test case for reported
       deadlock.
     - CVE-2022-3996
   * SECURITY UPDATE: excessive resource use when verifying policy constraints
     - debian/patches/CVE-2023-0464-1.patch: limit the number of nodes created
       in a policy tree (the default limit is set to 1000 nodes).
     - debian/patches/CVE-2023-0464-2.patch: add test cases for the policy
       resource overuse.
     - debian/patches/CVE-2023-0464-3.patch: disable the policy tree
       exponential growth test conditionally.
     - CVE-2023-0464
   * SECURITY UPDATE: invalid certificate policies ignored in leaf certificates
     - debian/patches/CVE-2023-0465-1.patch: ensure that EXFLAG_INVALID_POLICY
       is checked even in leaf certs.
     - debian/patches/CVE-2023-0465-2.patch: generate some certificates with
       the certificatePolicies extension.
     - debian/patches/CVE-2023-0465-3.patch: add a certificate policies test.
     - CVE-2023-0466
   * SECURITY UPDATE: certificate policy check in X509_VERIFY_PARAM_add0_policy
     not enabled as documented
     - debian/patches/CVE-2023-0466.patch: fix documentation of
       X509_VERIFY_PARAM_add0_policy().
     - CVE-2023-0466
Checksums-Sha1:
 6cfa688de3b8aa99bd488e139adfffec695eff7d 2024452 libssl-dev_3.0.2-0ubuntu1.9_s390x.deb
 cb0047700e56a7ab95638f8e6251b4e5989c5ea8 4871214 libssl3-dbgsym_3.0.2-0ubuntu1.9_s390x.ddeb
 6ccf5806c5f161ce68dca932dcc238436dca3cbe 1576874 libssl3_3.0.2-0ubuntu1.9_s390x.deb
 4eff4c9d23c12f2e5d3b01f50996f0475f865d73 739800 openssl-dbgsym_3.0.2-0ubuntu1.9_s390x.ddeb
 8618172d2215aae35eaa1c45ab82dfb63f2dc837 7178 openssl_3.0.2-0ubuntu1.9_s390x.buildinfo
 f1b876d9209a3ad4d3eedfa1afaf3b3d6abea78e 1172954 openssl_3.0.2-0ubuntu1.9_s390x.deb
 51adc72e5ea0989910bbf72674d55c9f958149e9 27124 openssl_3.0.2-0ubuntu1.9_s390x_translations.tar.gz
Checksums-Sha256:
 94970b9a013f3f4955189111bac0542efce794eb96c882368c7cda5345b25486 2024452 libssl-dev_3.0.2-0ubuntu1.9_s390x.deb
 f15fed0bdbfbb3e6808b2d7006893e65cf1fa45034fa6a5c71047cd89ad8949a 4871214 libssl3-dbgsym_3.0.2-0ubuntu1.9_s390x.ddeb
 4507a2645935781ab6ada07b53dd8e1c0d6f48c9df86731912979cef8908f131 1576874 libssl3_3.0.2-0ubuntu1.9_s390x.deb
 0716623c72236b5215580fa5078450923ecd07fa68f08068f4827f599d631864 739800 openssl-dbgsym_3.0.2-0ubuntu1.9_s390x.ddeb
 7124105d4d5beceb172c78baf1f169074757c59833e061de53db33ec9689df50 7178 openssl_3.0.2-0ubuntu1.9_s390x.buildinfo
 1f178c6f007b640911d70990cfe463b7bfc2a3f2dab65e1bb99e5e5703f63870 1172954 openssl_3.0.2-0ubuntu1.9_s390x.deb
 7409c85d18f5aa449713296b9943054f75c63f9121b0a923814c9010e809f389 27124 openssl_3.0.2-0ubuntu1.9_s390x_translations.tar.gz
Files:
 937b1168a155badf3d8527d95bfd0a6b 2024452 libdevel optional libssl-dev_3.0.2-0ubuntu1.9_s390x.deb
 21ea4b6b974988ca0877398fbdaaf25f 4871214 debug optional libssl3-dbgsym_3.0.2-0ubuntu1.9_s390x.ddeb
 af499845f186cf2e63527fe4c81685b8 1576874 libs optional libssl3_3.0.2-0ubuntu1.9_s390x.deb
 65714fc7064558f5fbb6d107af35bdfc 739800 debug optional openssl-dbgsym_3.0.2-0ubuntu1.9_s390x.ddeb
 668ee38c680c3b97f92f139cde4ff69f 7178 utils optional openssl_3.0.2-0ubuntu1.9_s390x.buildinfo
 2efcfde87487fe5c1f0c3b0e4fc81e78 1172954 utils optional openssl_3.0.2-0ubuntu1.9_s390x.deb
 ed8e8e655565d5ddc38dfb8617fa0c1f 27124 raw-translations - openssl_3.0.2-0ubuntu1.9_s390x_translations.tar.gz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel@alioth-lists.debian.net>