Format: 1.8 Date: Wed, 24 May 2023 13:14:51 -0400 Source: openssl Binary: libcrypto1.1-udeb libssl-dev libssl1.1 libssl1.1-udeb openssl Architecture: i386 i386_translations Version: 1.1.1f-1ubuntu2.19 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libcrypto1.1-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb) libssl-dev - Secure Sockets Layer toolkit - development files libssl1.1 - Secure Sockets Layer toolkit - shared libraries libssl1.1-udeb - ssl shared library - udeb (udeb) openssl - Secure Sockets Layer toolkit - cryptographic utility Changes: openssl (1.1.1f-1ubuntu2.19) focal-security; urgency=medium . * SECURITY UPDATE: Possible DoS translating ASN.1 object identifiers - debian/patches/CVE-2023-2650.patch: restrict the size of OBJECT IDENTIFIERs that OBJ_obj2txt will translate in crypto/objects/obj_dat.c. - CVE-2023-2650 * Replace CVE-2022-4304 fix with improved version - debian/patches/CVE-2022-4304.patch: remove previous fix. - debian/patches/CVE-2022-4304-1.patch: use alternative fix in crypto/bn/bn_asm.c, crypto/bn/bn_blind.c, crypto/bn/bn_lib.c, crypto/bn/bn_local.h, crypto/rsa/rsa_ossl.c. - debian/patches/CVE-2022-4304-2.patch: re-add BN_F_OSSL_BN_RSA_DO_UNBLIND which was incorrectly removed in include/openssl/bnerr.h. Checksums-Sha1: 4295b899dd7bb1408da4543779e90b21972b2da4 1071132 libcrypto1.1-udeb_1.1.1f-1ubuntu2.19_i386.udeb fd38b51ce9f0229229412ad68690deb12f342923 1614320 libssl-dev_1.1.1f-1ubuntu2.19_i386.deb 57a1ba0d8d588ab8e33b3f6ae652ef4c32cbdd39 2378752 libssl1.1-dbgsym_1.1.1f-1ubuntu2.19_i386.ddeb e35ecfbfee8622cb227498eaa4070a3803637439 206604 libssl1.1-udeb_1.1.1f-1ubuntu2.19_i386.udeb bb51a8fe97278eb191f3fffbe105d2aa09ae42a9 1318472 libssl1.1_1.1.1f-1ubuntu2.19_i386.deb 467c5fe6991d6af54c5941205c04da473de4d3a2 492136 openssl-dbgsym_1.1.1f-1ubuntu2.19_i386.ddeb 7e2bd7746f2665d151eb9422a53f19e0efb2a5c5 7373 openssl_1.1.1f-1ubuntu2.19_i386.buildinfo b9b7dc3765e17305969c5d0000763f6fd1e639bf 630716 openssl_1.1.1f-1ubuntu2.19_i386.deb 42349cabbcb15a4c421ffec1cac4b3b6e0b154f5 27741 openssl_1.1.1f-1ubuntu2.19_i386_translations.tar.gz Checksums-Sha256: 0bde021bc2e2c92d82e7a7c5897e6b370cb619656fb716affe6ef6994b667d91 1071132 libcrypto1.1-udeb_1.1.1f-1ubuntu2.19_i386.udeb b7df37f6792d5d40eab14991ae7ea71e4c5c367f3c784a52871cfcd3d216161f 1614320 libssl-dev_1.1.1f-1ubuntu2.19_i386.deb 62f51882c19bce267942a3cba55e6e15b4eb15bdc7adb3e14cf81d0a6f88da86 2378752 libssl1.1-dbgsym_1.1.1f-1ubuntu2.19_i386.ddeb ae9dcf8b380ad7e25b0878e646d47d502667e130c31f558744e7fa2a167fef36 206604 libssl1.1-udeb_1.1.1f-1ubuntu2.19_i386.udeb 51d93fab6050181a42b2e090bea336f961496333c3f228a99776b774f6db5a3f 1318472 libssl1.1_1.1.1f-1ubuntu2.19_i386.deb 3134f11cd87601f50d1585e911a5706efbea18e86a4c563443191b88197edc69 492136 openssl-dbgsym_1.1.1f-1ubuntu2.19_i386.ddeb cf81632e08a4c08dc9b93d9f841acf361f8b0e3174e9f149e58c1513e6b6f765 7373 openssl_1.1.1f-1ubuntu2.19_i386.buildinfo 47f6eb10a5d70385e89c3fe3f72e3d06dda4992d34fd58d64b0bbc0cbba0d33e 630716 openssl_1.1.1f-1ubuntu2.19_i386.deb 12ddccdbdcb5612a026795532a872f2b49d959b35c399c182472691d3b6807a2 27741 openssl_1.1.1f-1ubuntu2.19_i386_translations.tar.gz Files: 997d0607121f4f7fcbf781451662bad3 1071132 debian-installer optional libcrypto1.1-udeb_1.1.1f-1ubuntu2.19_i386.udeb 019ae16597652a7a31ad62b6d4ff34eb 1614320 libdevel optional libssl-dev_1.1.1f-1ubuntu2.19_i386.deb 56456a09f38c44cf1acba1995ced831a 2378752 debug optional libssl1.1-dbgsym_1.1.1f-1ubuntu2.19_i386.ddeb e1bb636d630780998fc2a1dfc8532de6 206604 debian-installer optional libssl1.1-udeb_1.1.1f-1ubuntu2.19_i386.udeb 70b68e4caffa1d3b4882fd3f63fa850d 1318472 libs optional libssl1.1_1.1.1f-1ubuntu2.19_i386.deb 9e15f7814050a358244c782af674906d 492136 debug optional openssl-dbgsym_1.1.1f-1ubuntu2.19_i386.ddeb 0ef77f41d6eb04a003f25bf6d54458d6 7373 utils optional openssl_1.1.1f-1ubuntu2.19_i386.buildinfo 3bb4735cf222ba548f5dfa204a4766d8 630716 utils optional openssl_1.1.1f-1ubuntu2.19_i386.deb 6f168e56527196b6928da1a2227d0f93 27741 raw-translations - openssl_1.1.1f-1ubuntu2.19_i386_translations.tar.gz Original-Maintainer: Debian OpenSSL Team