Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-lts-changes@lists.debian.org> , <dispatch@tracker.debian.org>
Subject: Accepted openssl 1.1.1w-0+deb11u6 (source) into oldoldstable-security
Date: Tue, 09 Jun 2026 03:10:16 +0000
Signed by: Arnaud Rebillout <arnaudr@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 05 Jun 2026 14:07:34 +0700
Source: openssl
Architecture: source
Version: 1.1.1w-0+deb11u6
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
Changed-By: Arnaud Rebillout <arnaudr@debian.org>
Changes:
 openssl (1.1.1w-0+deb11u6) bullseye-security; urgency=medium
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2026-28387 ("Potential use-after-free in DANE client code")
   * CVE-2026-28388 ("NULL dereference When Delta CRL Lacks CRL Number
     Extension")
   * CVE-2026-28389 ("Possible NULL dereference when processing CMS
     KeyAgreeRecipientInfo")
   * CVE-2026-28390 ("Possible NULL dereference when processing CMS
     KeyTransportRecipientInfo")
Checksums-Sha1:
 f2111254a81fede491937d0720a981e773305e35 2684 openssl_1.1.1w-0+deb11u6.dsc
 76fbf3ca4370e12894a408ef75718f32cdab9671 9893384 openssl_1.1.1w.orig.tar.gz
 bca277263dfe1d951360eefda6c5eb01edc36462 833 openssl_1.1.1w.orig.tar.gz.asc
 27b47640917df1c2762867c352ec2d1901e97b2f 117956 openssl_1.1.1w-0+deb11u6.debian.tar.xz
 c9fbfb20a1a487ad8064f6bafea42c6985a9b574 5591 openssl_1.1.1w-0+deb11u6_source.buildinfo
Checksums-Sha256:
 636c9ec130029ea724856ebb46c3efee9e20752a95daddbfabf5843df9085e24 2684 openssl_1.1.1w-0+deb11u6.dsc
 cf3098950cb4d853ad95c0841f1f9c6d3dc102dccfcacd521d93925208b76ac8 9893384 openssl_1.1.1w.orig.tar.gz
 5e5c3694cda755231c0438ac3c96af00d7510abd7b916d79c51bb979567040db 833 openssl_1.1.1w.orig.tar.gz.asc
 3a0ab2bbd77cd27d48b7180db5c40b637199dfaeddd07bffbb65bbc73cee0713 117956 openssl_1.1.1w-0+deb11u6.debian.tar.xz
 a1a5349844bd724e2e5225089a3ec67f222a9296266cbac8df1105ed2e069a4b 5591 openssl_1.1.1w-0+deb11u6_source.buildinfo
Files:
 1fa5ab10acf6297ab67388ea23133d4a 2684 utils optional openssl_1.1.1w-0+deb11u6.dsc
 3f76825f195e52d4b10c70040681a275 9893384 utils optional openssl_1.1.1w.orig.tar.gz
 89d454a3aab2163ba2dda93510ea8089 833 utils optional openssl_1.1.1w.orig.tar.gz.asc
 97598ceef23c8fb22de2e873bbfc9f2b 117956 utils optional openssl_1.1.1w-0+deb11u6.debian.tar.xz
 23ba91b4db84519ceef10a013505b41e 5591 utils optional openssl_1.1.1w-0+deb11u6_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJHBAEBCgAxFiEE0Kl7ndbut+9n4bYs5yXoeRRgAhYFAmonf80THGFybmF1ZHJA
ZGViaWFuLm9yZwAKCRDnJeh5FGACFtqiD/9RB4QjWAKBdmY6pa+o2P4879oqPlkR
LZEItWcXkBspPMm7gXO9k+cs8Oq+p7WVu9fihnkQaPR40lGsAjCYxDYrgb2cBUhd
TJ5AOUaVv3i3OiKzin6/CowWo3ETAcfmrAiqQv7DhBOZaQdSqxkv4mp7paMlITro
O3wSP5kkXy+Gc0GJLsHtBzbYceODRyb4ynuI17/UjS8N579YUwBhEWzCnJ29QJSH
n2CZhxlDQdn2mprEQXrg+PlqReydafzU2llnOCtgnrd4xSM8niyUxmGsMnGDuFzb
ycOq/NuAw+Ip+BBP6J32G/Ha4nyVpZhurDALo+esn1pSQYwHzxrRNrZFVPk0NyJC
Usrd00wvaBHyZjZ/ydoi47U+qUR9MFcJTL6QY6nbIjrCek06HR35yLRXcuK1Vsvr
1Z3v2q0C/bobURA/aumhIMDzRETNTBbnsKXn/ednHUe17E+KMkkfsV6cxBcHdIUO
wdOLdGV1IEuvlFEqiRHmSqC1R6bazExybLnpa700tT+2j1J5AxiFW3AjR2wElYZT
igKUTZXLQq91HGR6j8fXFOpSw7E8IF9Ob+/h7QQnXGSOSDoFye20uodtXgN9+LXF
qlQD3K2XyinFm0fKWJzCPvhms7dLGpPiF95m0ORxbul2GQiaTapm7fe774mkFxdp
74yqyGwgqKYEtg==
=IEPT
-----END PGP SIGNATURE-----

News for package openssl