Format: 1.8
Date: Mon, 24 Apr 2023 07:52:33 -0300
Source: openssl
Binary: libssl-dev libssl-doc libssl3 openssl
Built-For-Profiles: noudeb
Architecture: amd64 all amd64_translations
Version: 3.0.8-1ubuntu1.1
Distribution: lunar
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lcy02-amd64-088.buildd>
Changed-By: Camila Camargo de Matos <camila.camargodematos@canonical.com>
Description:
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl-doc - Secure Sockets Layer toolkit - development documentation
 libssl3    - Secure Sockets Layer toolkit - shared libraries
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
Changes:
 openssl (3.0.8-1ubuntu1.1) lunar-security; urgency=medium
 .
   * SECURITY UPDATE: excessive resource use when verifying policy constraints
     - debian/patches/CVE-2023-0464-1.patch: limit the number of nodes created
       in a policy tree (the default limit is set to 1000 nodes).
     - debian/patches/CVE-2023-0464-2.patch: add test cases for the policy
       resource overuse.
     - debian/patches/CVE-2023-0464-3.patch: disable the policy tree
       exponential growth test conditionally.
     - CVE-2023-0464
   * SECURITY UPDATE: invalid certificate policies ignored in leaf certificates
     - debian/patches/CVE-2023-0465-1.patch: ensure that EXFLAG_INVALID_POLICY
       is checked even in leaf certs.
     - debian/patches/CVE-2023-0465-2.patch: generate some certificates with
       the certificatePolicies extension.
     - debian/patches/CVE-2023-0465-3.patch: add a certificate policies test.
     - CVE-2023-0466
   * SECURITY UPDATE: certificate policy check in X509_VERIFY_PARAM_add0_policy
     not enabled as documented
     - debian/patches/CVE-2023-0466.patch: fix documentation of
       X509_VERIFY_PARAM_add0_policy().
     - CVE-2023-0466
Checksums-Sha1:
 c843f9a644092e866472c3bf302ca48875f097b8 2379026 libssl-dev_3.0.8-1ubuntu1.1_amd64.deb
 50f99c32e943116bcf8568a9681b93f1df7a1f33 2134562 libssl-doc_3.0.8-1ubuntu1.1_all.deb
 a5acb9ff7ae77b584abc18dcb77eb1e572d127c0 5037436 libssl3-dbgsym_3.0.8-1ubuntu1.1_amd64.ddeb
 02431639e9fccad9ffd6c4d47fb58034b8d46465 1903378 libssl3_3.0.8-1ubuntu1.1_amd64.deb
 910cc0e480f5912226e31a05a421541ff84a3dd2 750418 openssl-dbgsym_3.0.8-1ubuntu1.1_amd64.ddeb
 44598055238fbc4d5ed949bb5333ba9d0d9d9593 7293 openssl_3.0.8-1ubuntu1.1_amd64.buildinfo
 5b25adcba7e5572dad2fcd5ca6029e098746d3a7 1181680 openssl_3.0.8-1ubuntu1.1_amd64.deb
 65e5178ec9d53ff83174f8ffbb4e83cd32770b3c 27594 openssl_3.0.8-1ubuntu1.1_amd64_translations.tar.gz
Checksums-Sha256:
 203bffe42a8ad3165aea9e292d64f63bb3d892b3a5d2222805ea2520d3e62696 2379026 libssl-dev_3.0.8-1ubuntu1.1_amd64.deb
 e80c8c6a25fee1377f086d20347db354f0a730bc3361c4f795861389cc4b45d5 2134562 libssl-doc_3.0.8-1ubuntu1.1_all.deb
 9ee8e9136568907e6fd01affc287075a7e196d1412dfddc3832cca491777f827 5037436 libssl3-dbgsym_3.0.8-1ubuntu1.1_amd64.ddeb
 0f06c5f6ce92d6016a170161327f3463756857cfb4b0e75a07463b60fc9eff37 1903378 libssl3_3.0.8-1ubuntu1.1_amd64.deb
 e92f98c3cc49cf78b1bcebe4ee5a6768f301f060e8785d71d990d38abe6ed5c8 750418 openssl-dbgsym_3.0.8-1ubuntu1.1_amd64.ddeb
 c367b6b4109f072fc3e8094ae90d72159c11580337964ee894fbe799bc4ec17f 7293 openssl_3.0.8-1ubuntu1.1_amd64.buildinfo
 319288147f99660d2bb754d5197c4b367c14bc86c1ed8e8d78a83ddb188ca212 1181680 openssl_3.0.8-1ubuntu1.1_amd64.deb
 c5cb3ad88d9dbcca3bef599701c2e5e1ba623840e30dd209a6b647470ba7b409 27594 openssl_3.0.8-1ubuntu1.1_amd64_translations.tar.gz
Files:
 51f66a1fa517bd85fad1a53bbd138dd5 2379026 libdevel optional libssl-dev_3.0.8-1ubuntu1.1_amd64.deb
 de49057d705017413385ddb04332ed34 2134562 doc optional libssl-doc_3.0.8-1ubuntu1.1_all.deb
 014f75de7687994eb2295d2c2e6ec1ef 5037436 debug optional libssl3-dbgsym_3.0.8-1ubuntu1.1_amd64.ddeb
 e9df095f57cbbdd7967872549ea17741 1903378 libs optional libssl3_3.0.8-1ubuntu1.1_amd64.deb
 e2e0beec138acf5d29773268767cad10 750418 debug optional openssl-dbgsym_3.0.8-1ubuntu1.1_amd64.ddeb
 a72b3abf27583450a6a2b11f94ebb8d3 7293 utils optional openssl_3.0.8-1ubuntu1.1_amd64.buildinfo
 4b420642b7ed8cd9f0ccd50419bca259 1181680 utils optional openssl_3.0.8-1ubuntu1.1_amd64.deb
 f6694087ba1d16914feafbf27dda6468 27594 raw-translations - openssl_3.0.8-1ubuntu1.1_amd64_translations.tar.gz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel@alioth-lists.debian.net>