libcrypt-openssl-rsa-perl - Debian Package Tracker

general

source: libcrypt-openssl-rsa-perl (main)
version: 0.33-3
maintainer: Debian Perl Group (archive) (DMD) (LowNMU)
uploaders: Damyan Ivanov [DMD] – Salvatore Bonaccorso [DMD]
arch: any
std-ver: 4.6.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.31-1
oldstable: 0.31-1
stable: 0.33-3
testing: 0.33-3
unstable: 0.33-3

versioned links

0.31-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.33-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libcrypt-openssl-rsa-perl

action needed

1 security issue in trixie high

There is 1 open security issue in trixie.

1 important issue:

CVE-2024-2467: A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages. The vulnerability affects the legacy PKCS#1v1.5 RSA encryption padding mode.

Created: 2024-03-16 Last update: 2024-11-05 14:32

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2024-2467: A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages. The vulnerability affects the legacy PKCS#1v1.5 RSA encryption padding mode.

Created: 2024-03-16 Last update: 2024-11-05 14:32

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 0.33-4, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 7cd1a5b88200e491f3925700062e82efc3770f41
Author: gregor herrmann <gregoa@debian.org>
Date:   Fri Nov 22 02:50:39 2024 +0100

    update changelog
    
    Gbp-Dch: Ignore

commit 461dd5467d0d11e395d4d4b0f178b1d02f1d6c8d
Author: gregor herrmann <gregoa@debian.org>
Date:   Fri Nov 22 02:49:51 2024 +0100

    Set Homepage in debian/control to MetaCPAN page.
    
    Thanks: Matt Taggart for the bug report.
    
    Closes: #1087888

Created: 2024-11-22 Last update: 2024-12-28 15:31

1 low-priority security issue in bookworm low

There is 1 open security issue in bookworm.

1 issue left for the package maintainer to handle:

CVE-2024-2467: (postponed; to be fixed through a stable update) A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages. The vulnerability affects the legacy PKCS#1v1.5 RSA encryption padding mode.

You can find information about how to handle this issue in the security team's documentation.

Created: 2024-03-16 Last update: 2024-11-05 14:32

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.0 instead of 4.6.1).

Created: 2022-12-17 Last update: 2024-04-07 13:15

news

[rss feed]

[2022-09-14] libcrypt-openssl-rsa-perl 0.33-3 MIGRATED to testing (Debian testing watch)
[2022-09-10] Accepted libcrypt-openssl-rsa-perl 0.33-3 (source) into unstable (gregor herrmann)
[2022-09-10] Accepted libcrypt-openssl-rsa-perl 0.33-2 (source) into unstable (gregor herrmann)
[2022-07-14] libcrypt-openssl-rsa-perl 0.33-1 MIGRATED to testing (Debian testing watch)
[2022-07-12] Accepted libcrypt-openssl-rsa-perl 0.33-1 (source) into unstable (gregor herrmann)
[2022-01-16] libcrypt-openssl-rsa-perl 0.32-2 MIGRATED to testing (Debian testing watch)
[2022-01-16] libcrypt-openssl-rsa-perl 0.32-2 MIGRATED to testing (Debian testing watch)
[2022-01-13] Accepted libcrypt-openssl-rsa-perl 0.32-2 (source) into unstable (gregor herrmann)
[2021-09-28] libcrypt-openssl-rsa-perl 0.32-1 MIGRATED to testing (Debian testing watch)
[2021-09-25] Accepted libcrypt-openssl-rsa-perl 0.32-1 (source) into unstable (Florian Schlichting)
[2018-10-09] libcrypt-openssl-rsa-perl 0.31-1 MIGRATED to testing (Debian testing watch)
[2018-10-06] Accepted libcrypt-openssl-rsa-perl 0.31-1 (source) into unstable (Salvatore Bonaccorso)
[2018-05-21] libcrypt-openssl-rsa-perl 0.30-1 MIGRATED to testing (Debian testing watch)
[2018-05-05] Accepted libcrypt-openssl-rsa-perl 0.30-1 (source) into unstable (gregor herrmann)
[2017-01-14] libcrypt-openssl-rsa-perl 0.28-5 MIGRATED to testing (Debian testing watch)
[2017-01-03] Accepted libcrypt-openssl-rsa-perl 0.28-5 (source) into unstable (Niko Tyni)
[2016-12-24] libcrypt-openssl-rsa-perl 0.28-4 MIGRATED to testing (Debian testing watch)
[2016-12-13] Accepted libcrypt-openssl-rsa-perl 0.28-4 (source) into unstable (gregor herrmann)
[2016-07-12] libcrypt-openssl-rsa-perl 0.28-3 MIGRATED to testing (Debian testing watch)
[2016-07-06] Accepted libcrypt-openssl-rsa-perl 0.28-3 (source) into unstable (intrigeri)
[2014-03-17] libcrypt-openssl-rsa-perl 0.28-2 MIGRATED to testing (Debian testing watch)
[2014-03-06] Accepted libcrypt-openssl-rsa-perl 0.28-2 (source amd64) (intrigeri)
[2012-01-16] libcrypt-openssl-rsa-perl 0.28-1 MIGRATED to testing (Debian testing watch)
[2012-01-05] Accepted libcrypt-openssl-rsa-perl 0.28-1 (source amd64) (Salvatore Bonaccorso)
[2011-07-14] libcrypt-openssl-rsa-perl 0.27-1 MIGRATED to testing (Debian testing watch)
[2011-07-04] Accepted libcrypt-openssl-rsa-perl 0.27-1 (source amd64) (Salvatore Bonaccorso)
[2008-02-19] libcrypt-openssl-rsa-perl 0.25-1 MIGRATED to testing (Debian testing watch)
[2008-01-27] Accepted libcrypt-openssl-rsa-perl 0.25-1 (source amd64) (Damyan Ivanov)
[2007-06-01] libcrypt-openssl-rsa-perl 0.24-2 MIGRATED to testing (Debian testing watch)
[2007-05-23] Accepted libcrypt-openssl-rsa-perl 0.24-2 (source i386) (Luk Claes)

bugs [bug history graph]

all: 2
RC: 0
I&N: 1
M&W: 0
F&P: 1
patch: 0

links

homepage
lintian
buildd: logs, checks, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debian patches
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.33-3build5