Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted openssl 1.1.1o-1 (source) into unstable
Date: Fri, 06 May 2022 21:35:36 +0000
Signed by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 06 May 2022 22:20:36 +0200
Source: openssl
Architecture: source
Version: 1.1.1o-1
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
Changed-By: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Closes: 743957 948800 983722 1007808
Changes:
 openssl (1.1.1o-1) unstable; urgency=medium
 .
   * New upstream version.
     - CVE-2022-1292 (The c_rehash script allows command injection).
   * The orig tar file is now signed with a stronger hash (Closes: #1007808).
   * Use a separator in the CipherString in openssl.cnf (Closes: #948800).
   * Remove the postinst script which was used to restart daemons after a
     library upgrade. It is not updated and essentially dead code. Users are
     advised to switch to checkrestart/ needrestart or a similar service.
     Thanks to Helmut Grohne (Closes: #983722, #743957).
Checksums-Sha1:
 e6e112fda6359fd1d2c3943a82f5e87eab35e559 2653 openssl_1.1.1o-1.dsc
 860fa10381ff0a121833583ccaa011bf266bcc63 9856386 openssl_1.1.1o.orig.tar.gz
 7fb30b248c65a5fff7113fd726cdf5a889eecc30 488 openssl_1.1.1o.orig.tar.gz.asc
 790af818391c4024e45e32b41435d944ee338e47 66660 openssl_1.1.1o-1.debian.tar.xz
Checksums-Sha256:
 eeafccc6653f9f43238fa4df63ad746788613d93cad41bf4be4717afd5d32ac1 2653 openssl_1.1.1o-1.dsc
 9384a2b0570dd80358841464677115df785edb941c71211f75076d72fe6b438f 9856386 openssl_1.1.1o.orig.tar.gz
 eedac808be63078f174ec4765baf84dd6f6a18eff971688bd600cea2e8267bac 488 openssl_1.1.1o.orig.tar.gz.asc
 b3ec2ea992940c49bd9861ba78e47bce6fa0e193aac4279521f66b24fe89a1ad 66660 openssl_1.1.1o-1.debian.tar.xz
Files:
 2d780816017d2037275097f98540555e 2653 utils optional openssl_1.1.1o-1.dsc
 d05e96e200d2ff0aef20c114cb5f17bf 9856386 utils optional openssl_1.1.1o.orig.tar.gz
 0fbc8f43c45862b3c411e9cb9b27e77d 488 utils optional openssl_1.1.1o.orig.tar.gz.asc
 0d1d98bd42fb33cf3d5e393a702cead2 66660 utils optional openssl_1.1.1o-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQJMBAEBCgA2FiEEZCVGlf/wqkRmzBnme5boFiqM9dEFAmJ1hqcYHHNlYmFzdGlh
bkBicmVha3BvaW50LmNjAAoJEHuW6BYqjPXRYXUP/iLideFLKRuVGBwqxsVxQvck
KZv6fIEcrEuQkbI7GHkagF4gTmPyjbUbRV1xVVo8Aw+aIvbDMU99lluHzxB7YZ+9
GEFpRzRZZ8jSNvQWqZv+njND+1oBJGV+9cFolucjIykDrSpxvFoTKgFhNqT7F5cG
RPqShQBh+Nt5H/xJXta4S8HnHLgjFmb0Ef9lbc/i8h93ed1tjM47weXwdDuMG6kU
P+ZnYUqwRFYXWUmzSSxf2TG2cHvfnyed3gFzg8baLNxo5CcTkoy9fBDL6yMRbXxY
STAhb2ht4VIcuaGPhalRhe67PCa+YWtT6BPzG9PEVp7xCfMycoGA8Y9VbFhFwllR
kKJdT6DyCg0ngEY0IxqsBWb0zg1wXHhe3IYhFEDG7Q71sAY/Svi212RBkMec03/o
CGftzBWKfwLeSdXxueUCYoMVVb3p97E+4rpy7hVXqKwlBFikzZu52f1ArxCuVK9u
4Jv+EmQYokAZK+WC8LWcwsNT9X964o9Yvy7EEtYKqfE4uoOiBhafxvf0+4Xv0JwO
/meM0lnyHlJXoxezfzl1iLZ7tdNrVOg5SyED596lBWn0FBvS4FMY4qi41m15ekAI
tnSaUVb6v5vCiQ9aN3O0Rvwzn5pX0zjF3BWRvooy/sOKiAMbkacPnkf1XwYhf7JE
0d/ZqLf8rmtEhCj790G7
=ApKD
-----END PGP SIGNATURE-----
News for package openssl
