Accepted openssl 1.1.1o-1 (source) into unstable
- To: debian-devel-changes@lists.debian.org
- Subject: Accepted openssl 1.1.1o-1 (source) into unstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Fri, 06 May 2022 21:35:36 +0000
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id:Subject: Content-Transfer-Encoding:Content-Type:MIME-Version:To:Reply-To:From:Cc: Content-ID:Content-Description:In-Reply-To:References; bh=aktOrwj0cb8UteQ52E7zQX7otZYHCEtFQX8m7HRqRGo=; b=dSl+udQglhN83GH/+KzLf14jbe AfyoC5y0/gXOcXJqiS/fkvndQ0AS0/yodS90dW7F6n28+05ULyIMMv35l6fA7/0XOh8T/Wrd3TRqs uUh5ZQJ5F572utnOUlK/fqPSavCPeVtNlMfSTjO/8FQvYLHVXdIFFjcqKukcIaptXgKvPMCbev0vp Xlc13V1sn4qW1n0BbOC9zkHPEnrUAaNRZXRzBLWTLGW+UdlCSkSK5sfhAVUEQsGur2StQR5hNoLFl SAsrKdqmon5sEdg7VrNHWNdbFL3tgBgSjpCOCsUh1Pvmr9YYyj2FQL/P0KTIUh+r400G/7qAifZdH snSzVpeg==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1nn5bs-000GR7-7y@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 06 May 2022 22:20:36 +0200
Source: openssl
Architecture: source
Version: 1.1.1o-1
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
Changed-By: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Closes: 743957 948800 983722 1007808
Changes:
openssl (1.1.1o-1) unstable; urgency=medium
.
* New upstream version.
- CVE-2022-1292 (The c_rehash script allows command injection).
* The orig tar file is now signed with a stronger hash (Closes: #1007808).
* Use a separator in the CipherString in openssl.cnf (Closes: #948800).
* Remove the postinst script which was used to restart daemons after a
library upgrade. It is not updated and essentially dead code. Users are
advised to switch to checkrestart/ needrestart or a similar service.
Thanks to Helmut Grohne (Closes: #983722, #743957).
Checksums-Sha1:
e6e112fda6359fd1d2c3943a82f5e87eab35e559 2653 openssl_1.1.1o-1.dsc
860fa10381ff0a121833583ccaa011bf266bcc63 9856386 openssl_1.1.1o.orig.tar.gz
7fb30b248c65a5fff7113fd726cdf5a889eecc30 488 openssl_1.1.1o.orig.tar.gz.asc
790af818391c4024e45e32b41435d944ee338e47 66660 openssl_1.1.1o-1.debian.tar.xz
Checksums-Sha256:
eeafccc6653f9f43238fa4df63ad746788613d93cad41bf4be4717afd5d32ac1 2653 openssl_1.1.1o-1.dsc
9384a2b0570dd80358841464677115df785edb941c71211f75076d72fe6b438f 9856386 openssl_1.1.1o.orig.tar.gz
eedac808be63078f174ec4765baf84dd6f6a18eff971688bd600cea2e8267bac 488 openssl_1.1.1o.orig.tar.gz.asc
b3ec2ea992940c49bd9861ba78e47bce6fa0e193aac4279521f66b24fe89a1ad 66660 openssl_1.1.1o-1.debian.tar.xz
Files:
2d780816017d2037275097f98540555e 2653 utils optional openssl_1.1.1o-1.dsc
d05e96e200d2ff0aef20c114cb5f17bf 9856386 utils optional openssl_1.1.1o.orig.tar.gz
0fbc8f43c45862b3c411e9cb9b27e77d 488 utils optional openssl_1.1.1o.orig.tar.gz.asc
0d1d98bd42fb33cf3d5e393a702cead2 66660 utils optional openssl_1.1.1o-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQJMBAEBCgA2FiEEZCVGlf/wqkRmzBnme5boFiqM9dEFAmJ1hqcYHHNlYmFzdGlh
bkBicmVha3BvaW50LmNjAAoJEHuW6BYqjPXRYXUP/iLideFLKRuVGBwqxsVxQvck
KZv6fIEcrEuQkbI7GHkagF4gTmPyjbUbRV1xVVo8Aw+aIvbDMU99lluHzxB7YZ+9
GEFpRzRZZ8jSNvQWqZv+njND+1oBJGV+9cFolucjIykDrSpxvFoTKgFhNqT7F5cG
RPqShQBh+Nt5H/xJXta4S8HnHLgjFmb0Ef9lbc/i8h93ed1tjM47weXwdDuMG6kU
P+ZnYUqwRFYXWUmzSSxf2TG2cHvfnyed3gFzg8baLNxo5CcTkoy9fBDL6yMRbXxY
STAhb2ht4VIcuaGPhalRhe67PCa+YWtT6BPzG9PEVp7xCfMycoGA8Y9VbFhFwllR
kKJdT6DyCg0ngEY0IxqsBWb0zg1wXHhe3IYhFEDG7Q71sAY/Svi212RBkMec03/o
CGftzBWKfwLeSdXxueUCYoMVVb3p97E+4rpy7hVXqKwlBFikzZu52f1ArxCuVK9u
4Jv+EmQYokAZK+WC8LWcwsNT9X964o9Yvy7EEtYKqfE4uoOiBhafxvf0+4Xv0JwO
/meM0lnyHlJXoxezfzl1iLZ7tdNrVOg5SyED596lBWn0FBvS4FMY4qi41m15ekAI
tnSaUVb6v5vCiQ9aN3O0Rvwzn5pX0zjF3BWRvooy/sOKiAMbkacPnkf1XwYhf7JE
0d/ZqLf8rmtEhCj790G7
=ApKD
-----END PGP SIGNATURE-----