Accepted openssl 3.0.8-1 (source) into unstable
- To: debian-devel-changes@lists.debian.org
- Subject: Accepted openssl 3.0.8-1 (source) into unstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Tue, 07 Feb 2023 21:13:31 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: openssl_3.0.8-1_source.changes
- Debian-source: openssl
- Debian-suite: unstable
- Debian-version: 3.0.8-1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=iTIfpTkxD8lLj3wUoFptdaTjfFfVmzqnEMLlMF6Qc1g=; b=WqO+OZEhhFUU2omqgCSW61Ua3m Cr2kUYiR3aP+FZ7YWxuYgmtboPBFR2iAi9dYUroEOM75e+iuj7/PdHXGpTOtSHQxbMOYNaXwyu2lA JkRShFmReuyhH6Zl8eYsbAuconsd3Eg/9ug7SA1DEioVos1MBR/vRvhwas+0cLJGsg99o2W49AO5P laPAGlYvWbnn8r8yJv96RCT1o/ydLyhAuJR6zaAhOt1x90gxtoHMq9X+cy5YsJ8wov5rSEQdvyKcv 1NNfJ0iL3PPlCbXfNeg30Or1MuL/D0UfEZeJ2jRzHaWIbar22Y/FCdkHvf5LmgJBLhGNEk5BxRsLF Lnf1Zvwg==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1pPVHP-006lPR-5g@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 07 Feb 2023 21:42:42 +0100
Source: openssl
Architecture: source
Version: 3.0.8-1
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenSSL Team <pkg-openssl-devel@alioth-lists.debian.net>
Changed-By: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Closes: 1029259 1029281
Changes:
openssl (3.0.8-1) unstable; urgency=medium
.
* Import 3.0.7
- CVE-2023-0401 (NULL dereference during PKCS7 data verification).
- CVE-2023-0286 (X.400 address type confusion in X.509 GeneralName).
- CVE-2023-0217 (NULL dereference validating DSA public key).
- CVE-2023-0216 (Invalid pointer dereference in d2i_PKCS7 functions).
- CVE-2023-0215 (Use-after-free following BIO_new_NDEF).
- CVE-2022-4450 (Double free after calling PEM_read_bio_ex).
- CVE-2022-4304 (Timing Oracle in RSA Decryption).
- CVE-2022-4203 (X.509 Name Constraints Read Buffer Overflow).
- Padlock: fix byte swapping assembly for AES-192 and 256
(Closes: #1029259).
- Add new symbol.
* Make loongarch64 little endian (Closes: #1029281).
* Drop conflict against libssl1.0-dev.
* Update Standards-Version to 4.6.1. No changes required.
Checksums-Sha1:
f1ac3d028bcc2f9b36e1f9bf90c2b2323f4fa29e 2633 openssl_3.0.8-1.dsc
580d8a7232327fe1fa6e7db54ac060d4321f40ab 15151328 openssl_3.0.8.orig.tar.gz
4de52f934010760aa5653b512aed8b87c1a1c8f4 833 openssl_3.0.8.orig.tar.gz.asc
c5092a3ba02104dea94f3818d23d14d13412e843 75420 openssl_3.0.8-1.debian.tar.xz
Checksums-Sha256:
0f8ac1a4ed55e1e1b70e93a781450273c02cf52aacc0eb70b69586a30ed68261 2633 openssl_3.0.8-1.dsc
6c13d2bf38fdf31eac3ce2a347073673f5d63263398f1f69d0df4a41253e4b3e 15151328 openssl_3.0.8.orig.tar.gz
565e31cbc436ec4de82c4b526a01caab1cdc9b78d32705f6e0f57666980331ad 833 openssl_3.0.8.orig.tar.gz.asc
b7b254f67f0f3443fc4441deec2b9bc6d2d24f9168827dd88ff2bab6f370976c 75420 openssl_3.0.8-1.debian.tar.xz
Files:
5662fdd6c6cec1957f1bbdd36373451f 2633 utils optional openssl_3.0.8-1.dsc
61e017cf4fea1b599048f621f1490fbd 15151328 utils optional openssl_3.0.8.orig.tar.gz
0909410c6f4b262c1a0883461c3b86c9 833 utils optional openssl_3.0.8.orig.tar.gz.asc
d53c86641cb2bc0d1cb0b82b2b1d09a3 75420 utils optional openssl_3.0.8-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEZCVGlf/wqkRmzBnme5boFiqM9dEFAmPiugkACgkQe5boFiqM
9dFEfxAAotDYQ2MJwM6TvwnGghjvdc2Hl1naEkdDN0a4pZBywggf2OooH9VcrdyG
R6XkYPKcOtdz8ngAxNujl1cNwMIvXmMhnaHviByknoigCynBU/oxotDQJ0rgGiX3
vaCUk7dJKj5sXkVhsdkmxckk1l1Uc3Fj/uZRdYz5pvT85/ZNaBcoQhUznsTZzTy2
Wy84tr12roN54IVz0Upk3ooOgnPpyTIe1+gVqdFYyJvy5xXLSKUoatrj5tFDs69u
wcGHm7c3PYlrZg8cB0P6UIRzL2eMxZyYX4JRFeW2RJWRcRIRDy6wSYHEkcQx42tf
oNHL83CIVOATaFuHpKOP5pNuE//yS481MfL571/JfZrA/JQwxtpqM1Pb28qSFbPk
8jYl3GMoI5OpF7I9AVE24c6rbDQRc/Cr/gVKvgo+v3UNbGgdsTjzPkMgBpwGfehB
Y6ioQY88HJsfusv1QOQd0rwUbKlnYwrI7AKM0IQyAKFlPmOGnRPfy7C2qE6lFnFK
D9SJ/CCcJRvRR39RegUFjmmiHWeLC16oVgw45vB+kVPveDKi9ZtyOIjjvlOZhmga
NLUrCzsgNP9hc6/lvqi/CAf0E4yZ9CVKIxgOCDKq9vuUBM1LuUqpiJjFlMjQuryl
qmqkm/t/XF+Tx40TaNx9VBCWgt0hXNf/viYcs2PA3ynD0T9Kkzc=
=1yV+
-----END PGP SIGNATURE-----