Debian Package Tracker

general

source: openssl (main)
version: 1.1.1d-2
maintainer: Debian OpenSSL Team (archive) (DMD)
uploaders: Sebastian Andrzej Siewior [DMD] – Christoph Martin [DMD] – Kurt Roeckx [DMD]
arch: all any
std-ver: 4.2.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.0.1t-1+deb8u8
o-o-sec: 1.0.1t-1+deb8u12
oldstable: 1.1.0k-1~deb9u1
old-sec: 1.1.0l-1~deb9u1
old-p-u: 1.1.0l-1~deb9u1
stable: 1.1.1d-0+deb10u2
stable-sec: 1.1.1d-0+deb10u2
testing: 1.1.1d-2
unstable: 1.1.1d-2

versioned links

1.0.1t-1+deb8u8: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.0.1t-1+deb8u12: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.1.0k-1~deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.1.0l-1~deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.1.1d-0+deb10u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.1.1d-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libcrypto1.1-udeb
libssl-dev (2 bugs: 0, 1, 1, 0)
libssl-doc (1 bugs: 0, 0, 1, 0)
libssl1.1 (1 bugs: 0, 1, 0, 0)
libssl1.1-udeb
openssl (65 bugs: 0, 39, 26, 0)

action needed

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2019-1551: There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e-dev (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u-dev (Affected 1.0.2-1.0.2t).

Please fix it.

Created: 2019-12-06 Last update: 2020-01-02 18:34

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2019-1551: There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e-dev (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u-dev (Affected 1.0.2-1.0.2t).

Please fix it.

Created: 2019-12-06 Last update: 2020-01-02 18:34

lintian reports 1 error and 4 warnings high

Lintian reports 1 error and 4 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2019-10-15 Last update: 2019-10-15 01:18

2 bugs tagged patch in the BTS normal

The BTS contains patches fixing 2 bugs, consider including or untagging them.

Created: 2019-04-01 Last update: 2020-01-17 15:32

RFH: The maintainer is looking for help with this package. normal

The current maintainer is looking for someone who can help with the maintenance of this package. If you are interested in this package, please consider helping out. One way you can help is offer to be a co-maintainer or triage bugs in the BTS. Please see bug number #332498 for more information.

Created: 2017-12-02 Last update: 2017-12-02 00:26

1 ignored security issue in buster low

There is 1 open security issue in buster.

1 issue skipped by the security teams:

CVE-2019-1551: There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e-dev (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u-dev (Affected 1.0.2-1.0.2t).

Please fix it.

Created: 2019-12-06 Last update: 2020-01-02 18:34

1 ignored security issue in jessie low

There is 1 open security issue in jessie.

1 issue skipped by the security teams:

CVE-2018-0734: The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).

Please fix it.

Created: 2018-10-29 Last update: 2020-01-02 18:34

1 ignored security issue in stretch low

There is 1 open security issue in stretch.

1 issue skipped by the security teams:

CVE-2019-1551: There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e-dev (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u-dev (Affected 1.0.2-1.0.2t).

Please fix it.

Created: 2019-12-06 Last update: 2020-01-02 18:34

Build log checks report 2 warnings low

Build log checks report 2 warnings

Created: 2017-10-26 Last update: 2018-08-22 07:28

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.4.1 instead of 4.2.1).

Created: 2018-12-23 Last update: 2019-10-13 08:16

news

[rss feed]

[2019-10-15] openssl 1.1.1d-2 MIGRATED to testing (Debian testing watch)
[2019-10-13] Accepted openssl 1.1.1d-0+deb10u2 (source) into proposed-updates->stable-new, proposed-updates (Sebastian Andrzej Siewior)
[2019-10-13] Accepted openssl 1.1.1d-0+deb10u2 (source) into stable->embargoed, stable (Sebastian Andrzej Siewior)
[2019-10-12] Accepted openssl 1.1.1d-2 (source) into unstable (Sebastian Andrzej Siewior)
[2019-10-05] Accepted openssl 1.1.0l-1~deb9u1 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Sebastian Andrzej Siewior)
[2019-10-05] Accepted openssl 1.1.1d-0+deb10u1 (source) into proposed-updates->stable-new, proposed-updates (Sebastian Andrzej Siewior)
[2019-10-02] openssl 1.1.1d-1 MIGRATED to testing (Debian testing watch)
[2019-10-01] Accepted openssl 1.1.1d-0+deb10u1 (source) into stable->embargoed, stable (Sebastian Andrzej Siewior)
[2019-10-01] Accepted openssl 1.1.0l-1~deb9u1 (source) into oldstable->embargoed, oldstable (Sebastian Andrzej Siewior)
[2019-09-25] Accepted openssl 1.0.1t-1+deb8u12 (source all amd64) into oldoldstable (Markus Koschany)
[2019-09-14] Accepted openssl 1.1.1d-1 (source) into unstable (Sebastian Andrzej Siewior)
[2019-07-05] Accepted openssl 1.1.0k-1~deb9u1 (source) into proposed-updates->stable-new, proposed-updates (Sebastian Andrzej Siewior)
[2019-07-01] Accepted openssl 1.1.0k-1~deb9u1 (source) into stable->embargoed, stable (Sebastian Andrzej Siewior)
[2019-06-16] openssl 1.1.1c-1 MIGRATED to testing (Debian testing watch)
[2019-05-30] Accepted openssl 1.1.1c-1 (source) into unstable (Sebastian Andrzej Siewior)
[2019-04-21] openssl 1.1.1b-2 MIGRATED to testing (Debian testing watch)
[2019-04-16] Accepted openssl 1.1.1b-2 (source) into unstable (Kurt Roeckx)
[2019-03-13] openssl 1.1.1b-1 MIGRATED to testing (Debian testing watch)
[2019-03-01] Accepted openssl 1.0.1t-1+deb8u11 (source all amd64) into oldstable (Markus Koschany)
[2019-02-26] Accepted openssl 1.1.1b-1 (source) into unstable (Kurt Roeckx)
[2018-12-03] Accepted openssl 1.1.0j-1~deb9u1 (source) into proposed-updates->stable-new, proposed-updates (Sebastian Andrzej Siewior)
[2018-11-30] Accepted openssl 1.1.0j-1~deb9u1 (source) into stable->embargoed, stable (Sebastian Andrzej Siewior)
[2018-11-25] openssl 1.1.1a-1 MIGRATED to testing (Debian testing watch)
[2018-11-22] Accepted openssl 1.1.1a-1 (source) into unstable (Sebastian Andrzej Siewior)
[2018-11-21] Accepted openssl 1.0.1t-1+deb8u10 (source all amd64) into oldstable (Thorsten Alteholz)
[2018-10-31] openssl 1.1.1-2 MIGRATED to testing (Debian testing watch)
[2018-10-29] Accepted openssl 1.1.1-2 (source) into unstable (Sebastian Andrzej Siewior)
[2018-10-28] openssl 1.1.1-1 MIGRATED to testing (Debian testing watch)
[2018-09-12] Accepted openssl 1.1.1-1 (source) into unstable (Sebastian Andrzej Siewior)
[2018-08-21] Accepted openssl 1.1.1~~pre9-1 (source) into unstable (Kurt Roeckx)

bugs [bug history graph]

all: 73
RC: 0
I&N: 45
M&W: 28
F&P: 0
patch: 2

links

homepage
lintian (1, 4)
buildd: logs, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
security tracker
screenshots
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.1.1c-1ubuntu4
117 bugs (6 patches)
patches for 1.1.1c-1ubuntu4