-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 26 May 2023 23:30:44 +0200 Source: openssl Binary: libcrypto1.1-udeb libssl-dev libssl1.1 libssl1.1-dbgsym libssl1.1-udeb openssl openssl-dbgsym Architecture: armhf Version: 1.1.1n-0+deb11u5 Distribution: bullseye-security Urgency: medium Maintainer: arm Build Daemon (arm-ubc-04) Changed-By: Sebastian Andrzej Siewior Description: libcrypto1.1-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb) libssl-dev - Secure Sockets Layer toolkit - development files libssl1.1 - Secure Sockets Layer toolkit - shared libraries libssl1.1-udeb - ssl shared library - udeb (udeb) openssl - Secure Sockets Layer toolkit - cryptographic utility Closes: 1034720 Changes: openssl (1.1.1n-0+deb11u5) bullseye-security; urgency=medium . * CVE-2023-0464 (Excessive Resource Usage Verifying X.509 Policy Constraints) (Closes: #1034720). * CVE-2023-0465 (Invalid certificate policies in leaf certificates are silently ignored). * CVE-2023-0466 (Certificate policy check not enabled). * Alternative fix for CVE-2022-4304 (Timing Oracle in RSA Decryption). * CVE-2023-2650 (Possible DoS translating ASN.1 object identifiers). Checksums-Sha1: 0327f346f524ec4fdedf86185266a718cc604a11 894640 libcrypto1.1-udeb_1.1.1n-0+deb11u5_armhf.udeb b19453747e74caa92f59f44a8a1ee5de2ca90223 1609964 libssl-dev_1.1.1n-0+deb11u5_armhf.deb 9a72cd337183d7f429f3a0f5b4d87df399cb623e 2861992 libssl1.1-dbgsym_1.1.1n-0+deb11u5_armhf.deb a1b7da71f71f459b4a1ced61a7b34b5acb42d256 158880 libssl1.1-udeb_1.1.1n-0+deb11u5_armhf.udeb f0c6aa5288153777617120800274304550c2f9bd 1313504 libssl1.1_1.1.1n-0+deb11u5_armhf.deb b6bdf3e134e95b878c8c8c5e94d3e2eefc5c842d 524708 openssl-dbgsym_1.1.1n-0+deb11u5_armhf.deb 113d0bad2dddbb029488ef9351d2ef696cedb46c 7594 openssl_1.1.1n-0+deb11u5_armhf-buildd.buildinfo a38ed848eb0985d949c2d2ccf6b1107f7964676b 829584 openssl_1.1.1n-0+deb11u5_armhf.deb Checksums-Sha256: c3eb7479313e296bce49f105751c6d3c5677f00ef69e31aa97811f2fd68a81da 894640 libcrypto1.1-udeb_1.1.1n-0+deb11u5_armhf.udeb 691d63eece619d30a1e9026d8809e2ab4666fad027111980b2f954c78319504c 1609964 libssl-dev_1.1.1n-0+deb11u5_armhf.deb ec30a9893a7f5ac63a3d7b043e7e92724e191515f19a616427d05f14de5382ed 2861992 libssl1.1-dbgsym_1.1.1n-0+deb11u5_armhf.deb 8ebe404b3e74ef1addc1f909d5025d0ef8986d67a04c8705d82b24685dd3fcbe 158880 libssl1.1-udeb_1.1.1n-0+deb11u5_armhf.udeb fcb6eb0fb5c724c694e57efe6ce21f8860b90d6e2ae81e79db014b0e6b280e44 1313504 libssl1.1_1.1.1n-0+deb11u5_armhf.deb 2ff79db5fd75be0e2e03c5463871f0a25f138ee55b6b717c8b3b3ec6bc21ee6e 524708 openssl-dbgsym_1.1.1n-0+deb11u5_armhf.deb 95a57f2e46453f28d0f667ece604a7651b5691ed9f44aa1de888217a0fc70292 7594 openssl_1.1.1n-0+deb11u5_armhf-buildd.buildinfo 5f91752eaacade3cc01a4a2aec11f0059a361b15abe17c79e7883b4dbeab954b 829584 openssl_1.1.1n-0+deb11u5_armhf.deb Files: 28551b6a871b73f8860e7f370d29ff85 894640 debian-installer optional libcrypto1.1-udeb_1.1.1n-0+deb11u5_armhf.udeb fe63ece88e66317df4858d8ad29f42b1 1609964 libdevel optional libssl-dev_1.1.1n-0+deb11u5_armhf.deb cb721445be490e9f73a4ae81d59a0c81 2861992 debug optional libssl1.1-dbgsym_1.1.1n-0+deb11u5_armhf.deb cb729d75bba173cbdc8db4a3d7cd2985 158880 debian-installer optional libssl1.1-udeb_1.1.1n-0+deb11u5_armhf.udeb dbadcdfbe33e07d98fe500819b2376a1 1313504 libs optional libssl1.1_1.1.1n-0+deb11u5_armhf.deb 4b3f8aad1774c95f0a77f3c844d98336 524708 debug optional openssl-dbgsym_1.1.1n-0+deb11u5_armhf.deb 058c7405f609933d4700e741975835b4 7594 utils optional openssl_1.1.1n-0+deb11u5_armhf-buildd.buildinfo c161130346ab86daa8a69e70b26c8283 829584 utils optional openssl_1.1.1n-0+deb11u5_armhf.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEU5Ohx66NeEdc9V4jWTHLDRjMKsQFAmR0josACgkQWTHLDRjM KsSThA/+NLB+wGctOzPv6vkmhEb+Uabn8TkHE49F0RgRxU6I5Kj3s22vpNXsvCa4 XVI7mAqesx706bNRA754Y2QGPY6vrJ4+dm7wKCiEKAxzuTUyLSC4W2iLgVsilSuL QBzOzehE+eO7bncQTLBn4SsMlJBBfj8rQnHMlTMoTjQyJ+b2toGF3F0YgJHyevI+ eNSv4SAn4pYKd44u+bS2ds25gfSIZedwIaQTtaIFItWqgvuzOkU8xmEweAejX6Hl Ba/QbY2pjNUT6clbnFz9x3uwuX7kYMsoAatBerJvPqnec9P3iui/g0V5mU8E6qRa dJrHUK3DUle9KayfkAHHkTHpUYxbceUhxEUZkDDFkpV58hlPz1R2Ly7mNzbPVUf/ UPZhsUZWZIdOxqvdJq45DrgL8XbVARrRW8ssjEcp/HbW1IbwtVXdTHTP7kSAL1Zu 4ZD39LIB6+w8NH6h3jRZTF7oMVUOCnHrq1dY0jRhB0Kk6BcDe5lsUFheDAeiAej2 x0XIbLS6pG3+0hPZQ7lP4tglLxABXYJT6JuPqXC5SxLjoDBDNOj40WqWWA+pbj36 uvtWNaZNlHWUgT9DO+XYeO5QsE2GyPCrxjNcQOY00RVVRD7b0tA/xGlxen6VHmbR XQwV1jK4ve0pf42GtNlBV+ulFU31t83QZKzFTmS/Qy5AVx21J2M= =kOq4 -----END PGP SIGNATURE-----