Format: 1.8
Date: Mon, 06 Feb 2023 12:57:17 -0500
Source: openssl
Binary: libssl-dev libssl3 openssl
Built-For-Profiles: noudeb
Architecture: ppc64el ppc64el_translations
Version: 3.0.2-0ubuntu1.8
Distribution: jammy
Urgency: medium
Maintainer: Launchpad Build Daemon
Changed-By: Marc Deslauriers
Description:
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl3 - Secure Sockets Layer toolkit - shared libraries
 openssl - Secure Sockets Layer toolkit - cryptographic utility
Changes:
 openssl (3.0.2-0ubuntu1.8) jammy-security; urgency=medium
 .
   * SECURITY UPDATE: X.509 Name Constraints Read Buffer Overflow
     - debian/patches/CVE-2022-4203-1.patch: fix type confusion in
       nc_match_single() in crypto/x509/v3_ncons.c.
     - debian/patches/CVE-2022-4203-2.patch: add testcase for
       nc_match_single type confusion in test/*.
     - CVE-2022-4203
   * SECURITY UPDATE: Timing Oracle in RSA Decryption
     - debian/patches/CVE-2022-4304.patch: fix timing oracle in
       crypto/bn/bn_blind.c, crypto/bn/bn_local.h, crypto/bn/build.info,
       crypto/bn/rsa_sup_mul.c, crypto/rsa/rsa_ossl.c, include/crypto/bn.h.
     - CVE-2022-4304
   * SECURITY UPDATE: Double free after calling PEM_read_bio_ex
     - debian/patches/CVE-2022-4450-1.patch: avoid dangling ptrs in header
       and data params for PEM_read_bio_ex in crypto/pem/pem_lib.c.
     - debian/patches/CVE-2022-4450-2.patch: add a test in test/pemtest.c.
     - CVE-2022-4450
   * SECURITY UPDATE: Use-after-free following BIO_new_NDEF
     - debian/patches/CVE-2023-0215-1.patch: fix a UAF resulting from a bug
       in BIO_new_NDEF in crypto/asn1/bio_ndef.c.
     - debian/patches/CVE-2023-0215-2.patch: check CMS failure during BIO
       setup with -stream is handled correctly in
       test/recipes/80-test_cms.t, test/smime-certs/badrsa.pem.
     - CVE-2023-0215
   * SECURITY UPDATE: Invalid pointer dereference in d2i_PKCS7 functions
     - debian/patches/CVE-2023-0216-1.patch: do not dereference PKCS7 object
       data if not set in crypto/pkcs7/pk7_lib.c.
     - debian/patches/CVE-2023-0216-2.patch: add test for d2i_PKCS7 NULL
       dereference in test/recipes/25-test_pkcs7.t,
       test/recipes/25-test_pkcs7_data/malformed.pkcs7.
     - CVE-2023-0216
   * SECURITY UPDATE: NULL dereference validating DSA public key
     - debian/patches/CVE-2023-0217-1.patch: fix NULL dereference when
       validating FFC public key in crypto/ffc/ffc_key_validate.c,
       include/internal/ffc.h, test/ffc_internal_test.c.
     - debian/patches/CVE-2023-0217-2.patch: prevent creating DSA and DH
       keys without parameters through import in
       providers/implementations/keymgmt/dh_kmgmt.c,
       providers/implementations/keymgmt/dsa_kmgmt.c.
     - debian/patches/CVE-2023-0217-3.patch: do not create DSA keys without
       parameters by decoder in crypto/x509/x_pubkey.c,
       include/crypto/x509.h,
       providers/implementations/encode_decode/decode_der2key.c.
     - CVE-2023-0217
   * SECURITY UPDATE: X.400 address type confusion in X.509 GeneralName
     - debian/patches/CVE-2023-0286.patch: fix GENERAL_NAME_cmp for
       x400Address in crypto/x509/v3_genn.c, include/openssl/x509v3.h.in,
       test/v3nametest.c.
     - CVE-2023-0286
   * SECURITY UPDATE: NULL dereference during PKCS7 data verification
     - debian/patches/CVE-2023-0401-1.patch: check return of BIO_set_md()
       calls in crypto/pkcs7/pk7_doit.c.
     - debian/patches/CVE-2023-0401-2.patch: add testcase for missing return
       check of BIO_set_md() calls in test/recipes/80-test_cms.t,
       test/recipes/80-test_cms_data/pkcs7-md4.pem.
     - CVE-2023-0401
Original-Maintainer: Debian OpenSSL Team