Accepted openssl 3.0.3-1 (source) into experimental
- To: debian-experimental-changes@lists.debian.org, debian-devel-changes@lists.debian.org
- Subject: Accepted openssl 3.0.3-1 (source) into experimental
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Fri, 06 May 2022 21:35:45 +0000
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id:Subject: Content-Transfer-Encoding:Content-Type:MIME-Version:To:Reply-To:From:Cc: Content-ID:Content-Description:In-Reply-To:References; bh=6Br0p02xGXqwrhRNFPxfO81vhLj9Jy0xr1li1hmAaic=; b=CQmbHFdIdBpsWIW+Fl85VbQOjo 6xDIrec5ehJdfDa/iRRAW8EeVbCAFbIJjH05rnbKocXbMOog6U/5Mdi6cF3ai+H+9conrvGVNQbU2 YuFUMbVY/s+p7o0PDdT7Nc9c8Q2HvbKYG5j7qJ1Jws6rSA3diCu7D8CzD0OV9C+al+aXieNDFZ1o5 S9c68FgNocOUbuN79BwKuA+aHq0H8Y3KxpPrlyyd9YRL61VXyXJsJZopWNorv6WTgVX9pyvXn0Eik 7QyRudG3qQYmO92Pc6OCMCBDU9OV+HaDwma33ATCsGen/yYrwlG0ZPDcCBz4Rim6jr84zXfTi9MNw EV0xcW5Q==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1nn5c1-000GSH-Jx@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 06 May 2022 22:21:52 +0200
Source: openssl
Architecture: source
Version: 3.0.3-1
Distribution: experimental
Urgency: medium
Maintainer: Debian OpenSSL Team <pkg-openssl-devel@alioth-lists.debian.net>
Changed-By: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Closes: 948800 983722 1010360
Changes:
openssl (3.0.3-1) experimental; urgency=medium
.
* Import 3.0.3
- CVE-2022-1292 (The c_rehash script allows command injection).
- CVE-2022-1343 (OCSP_basic_verify may incorrectly verify the response
signing certificate).
- CVE-2022-1434 (Incorrect MAC key used in the RC4-MD5 ciphersuite).
- CVE-2022-1473 (Resource leakage when decoding certificates and keys).
- Add new symbols.
* Correct the openssl.cnf to provide proper default configuration. Thanks to
Matthias Blümel (Closes: #1010360).
* Use a separator in the CipherString in openssl.cnf (Closes: #948800).
* Remove the postinst script which was used to restart daemons after a
library upgrade. It is not updated and essentially dead code. Users are
advised to switch to checkrestart/ needrestart or a similar service.
Thanks to Helmut Grohne (Closes: #983722).
Checksums-Sha1:
58deaf4ca08c283e2109a0d982b8117d000f6eb4 2634 openssl_3.0.3-1.dsc
1138de3f1a2f573ae69302ab52ecd9bbf5e063ca 15058905 openssl_3.0.3.orig.tar.gz
8f885437a2a5df235ddc2d5cba46477cccca335d 488 openssl_3.0.3.orig.tar.gz.asc
2eb3663ea5256b5591cd8cac4ac1561f76c4698f 68068 openssl_3.0.3-1.debian.tar.xz
Checksums-Sha256:
7cc5c615c5d270ffc7425fe62486edf84057439b3d208b88892b2978ca7dec27 2634 openssl_3.0.3-1.dsc
ee0078adcef1de5f003c62c80cc96527721609c6f3bb42b7795df31f8b558c0b 15058905 openssl_3.0.3.orig.tar.gz
3518d826c0758ab218a318cf5f2d44abe9191d85fb598e830120def6e575cd4b 488 openssl_3.0.3.orig.tar.gz.asc
2d063fc062e9feffc3212845cc9a96d42a102e14bb39eefab10b538593838f7d 68068 openssl_3.0.3-1.debian.tar.xz
Files:
d187f0b16b3e61a8b684f4119eded14a 2634 utils optional openssl_3.0.3-1.dsc
07e9048cd2b1a22668b13ec9cd093cb5 15058905 utils optional openssl_3.0.3.orig.tar.gz
665c50638601a1dff3949d69270a6fba 488 utils optional openssl_3.0.3.orig.tar.gz.asc
25152c3a540892d9ceea44b8e21f8deb 68068 utils optional openssl_3.0.3-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQJMBAEBCgA2FiEEZCVGlf/wqkRmzBnme5boFiqM9dEFAmJ1hrkYHHNlYmFzdGlh
bkBicmVha3BvaW50LmNjAAoJEHuW6BYqjPXRTo4P/j1UIS3p8oUNwwtYN4NO79q8
ZdGdTE7Tq9T/6hiGVzLoowWgtx2xAKtOD58waq5roxfs34oCB4nykdieLrPglVJl
HxaoG99FP8NGcKrKU35d98Qi7P2Z5UMY4OQ5NoVi/fZCjzXQI+Ny5CRXSEqfngPR
x5at3a+GpawGJE9uq5tudrBvD/sAv9VfVl/j732YXmkNfpU+bPs+/K066m5kNNlF
L0YB5ekwFcwDwGMNi1X/6MOfylFy2p5mnTGUdyQ487kYMeqO4hVmFd32HeqRcOXe
ZCUYuesCh2oVKw7I8lwRJbRx0QVhvc4de8hQV/k4V+9WUZsQamwODpuraEP6dEgx
ZL7OjNbCvaAhlJQ315JJz/S49T6NmWhJlAoWTISXWOcrxPHFRfr3V8hTbn/q/vat
BTf8CK7LtshKrCAXZYec5DkfaS/ur1vWw0mJP7drQvWlt/u/Ri2tSYxD3Wk63w8n
icCBhGwY+yFl++JcqnAv8dpW/QnpqFFGiW/4Xp9txjKCKbQeNMxgYSz7gNO84pKK
smUNrKO6cltBwsLYIlQJSKVmCKjt0255dlOLu8KuEn8pP+A6N2Yl4FlQLJLNXP3b
3ZXVdu/QjThjDRKWjQVjRm8kaXUSakNFIOqPqk0JCHBmXutuMsus/DEc4zDFAIuu
Iggvg24uRL/F98xwNvh5
=Xmxg
-----END PGP SIGNATURE-----