Accepted openssl 3.0.10-1~deb12u1 (source) into proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted openssl 3.0.10-1~deb12u1 (source) into proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Sat, 09 Sep 2023 16:17:16 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: openssl_3.0.10-1~deb12u1_source.changes
- Debian-source: openssl
- Debian-suite: proposed-updates
- Debian-version: 3.0.10-1~deb12u1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=uJhYo/H3PbdXn0O8kUcBdLUY1uKgyoNDCx5/ogTulag=; b=Xhrs4Ni/vJe2ZfXJe2oKYMI3nN yuAhxMcE7dIHa3mmcMBcKEanRuUSzQ/HqduDZ1RCF151FSUlcf7ZzzQf9UvGBV2RqV6F7zjlAn6fp IAJzg4owLt6KPvdIiixilWLK/zyA412OvrKG6yOfIlGTrKj2v6hcmvuRgPdNN/f9mTqfrE+vlolAd n8aYAqJ6i7wtCeDK01E4Wrr0W9Ffkj1X8lmKzYCwisMx2Yw9uDr/MUeoQgMy3YT+WUEulvki2rioL sk/ZPMtdQxYYJKbpqmjromcM7GzQJgycWcAhrHOQvV/84n3u4UzLE2ezzHiUiLj5xMVBOrU5uOiee rGKLduUw==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1qf0e4-0005Na-UV@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 26 Aug 2023 11:29:40 +0200
Source: openssl
Architecture: source
Version: 3.0.10-1~deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Debian OpenSSL Team <pkg-openssl-devel@alioth-lists.debian.net>
Changed-By: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Closes: 1041817 1041818
Changes:
openssl (3.0.10-1~deb12u1) bookworm; urgency=medium
.
* Import 3.0.10
- CVE-2023-2975 (AES-SIV implementation ignores empty associated data
entries) (Closes: #1041818).
- CVE-2023-3446 (Excessive time spent checking DH keys and parameters).
(Closes: #1041817).
- CVE-2023-3817 (Excessive time spent checking DH q parameter value).
Checksums-Sha1:
8fc1069a76664fe37940de07ea31c02b6eb52daf 2501 openssl_3.0.10-1~deb12u1.dsc
f6ce69840df105fd4b9450f76075068e236d620f 15194904 openssl_3.0.10.orig.tar.gz
7202004768624695f6820f89ccdd0630b3e75f61 833 openssl_3.0.10.orig.tar.gz.asc
b5f32796f4f71f85465b63d844112735b076cf76 69024 openssl_3.0.10-1~deb12u1.debian.tar.xz
Checksums-Sha256:
a085e3e6e979b6a16ca981675aa3d7cdd8da3bc84fc7cdd16ab40b59ef0db5d9 2501 openssl_3.0.10-1~deb12u1.dsc
1761d4f5b13a1028b9b6f3d4b8e17feb0cedc9370f6afe61d7193d2cdce83323 15194904 openssl_3.0.10.orig.tar.gz
f6f2e5f62e74a7f87d37e0d1de70b3612b01a9afcfdc00bc05fde82611f26e3d 833 openssl_3.0.10.orig.tar.gz.asc
c4e7b9481cc40aed2234bc3d3d06e47f9778ecfad3976eb9c936b8253915292b 69024 openssl_3.0.10-1~deb12u1.debian.tar.xz
Files:
6804b658e4a53a2097c1861ea591326f 2501 utils optional openssl_3.0.10-1~deb12u1.dsc
5d689e1534373e0b0540b5c087b5d99a 15194904 utils optional openssl_3.0.10.orig.tar.gz
c09fc217a3fa447163558f2490d4a2d8 833 utils optional openssl_3.0.10.orig.tar.gz.asc
3043ddf50ac86e4864fbae615d7d9f58 69024 utils optional openssl_3.0.10-1~deb12u1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQGzBAEBCgAdFiEEV4kucFIzBRM39v3RBWQfF1cS+lsFAmTp9RMACgkQBWQfF1cS
+lt/LwwAmm6niDp7m7lWdtBvmCsOSPapyVtn2EarFCUAVhjcLIDeGMggHdXWV7tb
jyqn/UYGvL7RikOqNfe/71EpwFLiMST+UVHZ3k/gYnyq1wDgAM6WvrGuVncEXlxU
KrjNPjJJdPGmg92Z+7nZLjXt1CblwiE6W2dhYGNPA7ZVaJOIto8KFPWZELh/uIMH
3IV1Ew8M/EZ6hRymzBQXCIiFzB6ZLplT2wdkWljbvS9lMKaZWxmppeEahDNi0bGA
l51PiFOQ62wU4aPpyOdTji2zP1mugKJe+OzQ/4Edxx/fT9MsRZ841kZKXSS/65bC
NxdCvyqDS0RkhUICekV571VJiEeVPf20mnfJSALZR5I0KVPHTmYFSoJ6k2oJZtZG
0Czb7zfhx/yKmDJZmHNiRHd5mMvdSdzNQqjkQ3xfhMJe9fPNY4ztAru4AAdWMY8E
+TMxpIF/3fajXbt/IvZtACezNMFPbOGkBinqR6wiEcxAhtEluBjvhACgNxGsSxYB
uArVivh8
=Kpe2
-----END PGP SIGNATURE-----