Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted openssl 3.0.7-1 (source) into unstable
Date: Tue, 01 Nov 2022 21:22:51 +0000
Signed by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 01 Nov 2022 21:39:01 +0100
Source: openssl
Architecture: source
Version: 3.0.7-1
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenSSL Team <pkg-openssl-devel@alioth-lists.debian.net>
Changed-By: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Closes: 1021620
Changes:
 openssl (3.0.7-1) unstable; urgency=medium
 .
   * Import 3.0.7
     - Using a Custom Cipher with NID_undef may lead to NULL encryption
       (CVE-2022-3358) (Closes: #1021620).
     - X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602).
     - X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786).
   * Disable rdrand engine (the opcode on x86).
   * Remove config bits for MIPS R6, the generic MIPS config can be used.
Checksums-Sha1:
 ba889faa1beaff73d5b1367c197e41057e221f65 2601 openssl_3.0.7-1.dsc
 f20736d6aae36bcbfa9aba0d358c71601833bf27 15107575 openssl_3.0.7.orig.tar.gz
 7b4c50ff27fadda7680a985ae2e6b5716f092e56 858 openssl_3.0.7.orig.tar.gz.asc
 91c232746d02b5b7a61fe60f4a311edde53f7320 74992 openssl_3.0.7-1.debian.tar.xz
Checksums-Sha256:
 96e332e50ec17be6f623ef2c77c6146f2dd8418e4b1fe918db0b27798c0e9087 2601 openssl_3.0.7-1.dsc
 83049d042a260e696f62406ac5c08bf706fd84383f945cf21bd61e9ed95c396e 15107575 openssl_3.0.7.orig.tar.gz
 18be1d820b25ed5c7d8efe4fdba0b947925273ca114bbd78faecbd99a52df203 858 openssl_3.0.7.orig.tar.gz.asc
 a43f0c9aa8756629d8d34c3e9f41f5bed85672c7a4b6110d3f65a5edf5d3b89b 74992 openssl_3.0.7-1.debian.tar.xz
Files:
 3e370c40b180045e6ebf1c0e8de2f61c 2601 utils optional openssl_3.0.7-1.dsc
 545478ce41b96bf3beacb4dc58b36c77 15107575 utils optional openssl_3.0.7.orig.tar.gz
 8cf6d88be580b37f4af4ea25424f4d2a 858 utils optional openssl_3.0.7.orig.tar.gz.asc
 e76b322b86cff266889d259d198a3436 74992 utils optional openssl_3.0.7-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEZCVGlf/wqkRmzBnme5boFiqM9dEFAmNhhA0ACgkQe5boFiqM
9dG95hAAw3IUeGT0QmRi4ONF3Sz13eYM0x80k8ZnACXWNC1a82d1/dNZm0oTC7iI
8C0AMT7Ke2AHK6iHPybkaS9zMpYKbTcLLOsJGifuuTEhMns+OGIOmK+p1lGXC2OO
s75TKNrm3ypjU9mIwRmerWqv3SicQKcOHDagpmxno68aUhuo6WEqbIoyYJpUvAb3
Wn1iJGAt6r8bQM/tUgFNuHo44Cs9end2/EUO7AdMlHf6Y10yafzn4W9xaBHZ/24j
xWKthoMj/rUe/RVhPX4Grp282XnYGzkMy7cVnlRnxhmTC64IE8FeocnIZLkX8NYR
faL8/12Xwiq52/i+Q2VAk17jVoOi3qbQ5heHbXIFCYeliDAc3AjcHjxMDhZWkvzy
DBj8rypqccf8JLdEiHKKpU/tbrWWCUxKanBRiCNYt74IDogrsfgkrYRnkntJI+x+
FbcnCvajDkXCxbjBa9d5xVUn6Dzsu6jKbJC9lhbY9CtSbciZAbMvLC0RPMb07xMX
w6DNzrp9elldJIBBGfpulDM82Zg8rg/FvXoNVDD7KfYUIVYqIOex+N4hsTRVYuDJ
MIKhLMIgPWE2jk3MHtqoZBQ2ZKWEqAkxau6sbba+J1FFHIQbTyL8Muhbg72b81Xk
BS5JoRTHKe9Lv0qcQ6sQlfGTex++qQaSYuvpJuZq3rKKA1tlupY=
=dEHG
-----END PGP SIGNATURE-----

News for package openssl