Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org> , <debian-experimental-changes@lists.debian.org>
Subject: Accepted openssl 3.1.2-1 (source) into experimental
Date: Tue, 01 Aug 2023 21:23:01 +0000
Signed by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 01 Aug 2023 22:51:25 +0200
Source: openssl
Architecture: source
Version: 3.1.2-1
Distribution: experimental
Urgency: medium
Maintainer: Debian OpenSSL Team <pkg-openssl-devel@alioth-lists.debian.net>
Changed-By: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Closes: 1041817 1041818
Changes:
 openssl (3.1.2-1) experimental; urgency=medium
 .
   * Import 3.1.2
    - CVE-2023-2975 (AES-SIV implementation ignores empty associated data
      entries) (Closes: #1041818).
    - CVE-2023-3446 (Excessive time spent checking DH keys and parameters).
      (Closes: #1041817).
    - CVE-2023-3817 (Excessive time spent checking DH q parameter value).
    - Drop bc and m4 from B-D.
Checksums-Sha1:
 be2cd6576a8f2700cbfa8502e51d2011829aaccd 2451 openssl_3.1.2-1.dsc
 206036c21264e53f0196f715d81d905742e6245b 15560427 openssl_3.1.2.orig.tar.gz
 604f1185bc1036ae9e7d15b207c45c9177f98b97 833 openssl_3.1.2.orig.tar.gz.asc
 28a4cb1bdbeba5fc1de678f011c01a95fa5379da 69048 openssl_3.1.2-1.debian.tar.xz
Checksums-Sha256:
 2d1bc6b8850ab13dd7fcc0a44d0be4a710f4308f384c64c4d6378d5a1359a361 2451 openssl_3.1.2-1.dsc
 a0ce69b8b97ea6a35b96875235aa453b966ba3cba8af2de23657d8b6767d6539 15560427 openssl_3.1.2.orig.tar.gz
 0c14b85a86966752f1cdc2a3306497010d5fb9d405070b64cbb201d7ad1eb61a 833 openssl_3.1.2.orig.tar.gz.asc
 c80fc59806e9a08f95d7c79411f162526eb0fe650aaf2bc2550f4589d344e398 69048 openssl_3.1.2-1.debian.tar.xz
Files:
 861499a955e678da780ca0b296262af9 2451 utils optional openssl_3.1.2-1.dsc
 1d7861f969505e67b8677e205afd9ff4 15560427 utils optional openssl_3.1.2.orig.tar.gz
 673f7e5d19798fa370c6d9fac978062d 833 utils optional openssl_3.1.2.orig.tar.gz.asc
 f2027ad363c9e7b9ea66787d7adcf737 69048 utils optional openssl_3.1.2-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQGzBAEBCgAdFiEEV4kucFIzBRM39v3RBWQfF1cS+lsFAmTJcMUACgkQBWQfF1cS
+lsHiQv/flbVzwibouAY3B3umFKl3iK3vsjNtdbylfUKd8oetP9L47QhSoNNCcx/
kZvuCU+PAnDfXbejFgnZhOXfMBnYoY+bK2/YK17/i3FMjiigAK642hzF9/7C85WW
VGj8BzYUBFNLLynsKgFdqFeEkFV5KWKa8Q28PhvIHMaQ5vvE8qMHQtOmqbYUN/Rr
kzss6OH1mNnhlrzJ4C1jVX+F1F1BOSySxzNuLDnzugbZ0y35R/YMid1ngjCu5rJw
13+x12lba23g31vP8aFrKGTO3qd88kXT9aacQkP/yI+n7QINnBVgKWzWSnMPhOtr
NwjgZBADkdmkoEsg2olT2Lug10sM+eV8jFV8VGCS1Wix8IjoP7MiCBPLYV7Q+vbI
EQ2PkA6l/CSA1QuMLqqdOdj41odvSKDcYwPB3/qxx4otNAR+AFlW8XzDUb4c9im7
cQ/KFpLzB2KkEwnt5+/6SpDrJPmgJtu2a1iMFUNgKd/K5VmCwvLnFgVtX77GKNBv
gDuNNySZ
=0U/l
-----END PGP SIGNATURE-----

News for package openssl