Register | Log in

openssl

Secure Sockets Layer toolkit - cryptographic utility

Choose email to subscribe with

general

source: openssl (main)
version: 1.1.1g-1
maintainer: Debian OpenSSL Team (archive) (DMD)
uploaders: Sebastian Andrzej Siewior [DMD] – Christoph Martin [DMD] – Kurt Roeckx [DMD]
arch: all any
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.0.1t-1+deb8u8
o-o-sec: 1.0.1t-1+deb8u12
oldstable: 1.1.0l-1~deb9u1
old-sec: 1.1.0l-1~deb9u1
stable: 1.1.1d-0+deb10u3
stable-sec: 1.1.1d-0+deb10u3
testing: 1.1.1g-1
unstable: 1.1.1g-1
NEW/experimental: 3.0.0~~alpha1-1

versioned links

1.0.1t-1+deb8u8: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.0.1t-1+deb8u12: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.1.0l-1~deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.1.1d-0+deb10u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.1.1g-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libcrypto1.1-udeb
libssl-dev (2 bugs: 0, 1, 1, 0)
libssl-doc (1 bugs: 0, 0, 1, 0)
libssl1.1 (1 bugs: 0, 1, 0, 0)
libssl1.1-udeb
openssl (60 bugs: 0, 36, 24, 0)

action needed

lintian reports 1 error and 4 warnings high

Lintian reports 1 error and 4 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2020-05-21 Last update: 2020-05-21 00:06

RFH: The maintainer is looking for help with this package. normal

The current maintainer is looking for someone who can help with the maintenance of this package. If you are interested in this package, please consider helping out. One way you can help is offer to be a co-maintainer or triage bugs in the BTS. Please see bug number #332498 for more information.

Created: 2017-12-02 Last update: 2017-12-02 00:26

1 ignored security issue in buster low

There is 1 open security issue in buster.

1 issue skipped by the security teams:

CVE-2019-1551: There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).

Please fix it.

Created: 2019-12-06 Last update: 2020-05-09 16:01

1 ignored security issue in jessie low

There is 1 open security issue in jessie.

1 issue skipped by the security teams:

CVE-2018-0734: The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).

Please fix it.

Created: 2018-10-29 Last update: 2020-05-09 16:01

1 ignored security issue in stretch low

There is 1 open security issue in stretch.

1 issue skipped by the security teams:

CVE-2019-1551: There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).

Please fix it.

Created: 2019-12-06 Last update: 2020-05-09 16:01

Build log checks report 2 warnings low

Build log checks report 2 warnings

Created: 2017-10-26 Last update: 2018-08-22 07:28

news

[2020-04-25] Accepted openssl 1.1.1d-0+deb10u3 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Sebastian Andrzej Siewior)
[2020-04-25] openssl 1.1.1g-1 MIGRATED to testing (Debian testing watch)
[2020-04-21] Accepted openssl 1.1.1g-1 (source) into unstable (Sebastian Andrzej Siewior)
[2020-04-21] Accepted openssl 1.1.1d-0+deb10u3 (source) into stable->embargoed, stable (Debian FTP Masters) (signed by: Sebastian Andrzej Siewior)
[2020-04-06] openssl 1.1.1f-1 MIGRATED to testing (Debian testing watch)
[2020-03-31] Accepted openssl 1.1.1f-1 (source) into unstable (Sebastian Andrzej Siewior)
[2020-03-18] Accepted openssl 1.1.1e-1 (source) into unstable (Sebastian Andrzej Siewior)
[2019-10-15] openssl 1.1.1d-2 MIGRATED to testing (Debian testing watch)
[2019-10-13] Accepted openssl 1.1.1d-0+deb10u2 (source) into proposed-updates->stable-new, proposed-updates (Sebastian Andrzej Siewior)
[2019-10-13] Accepted openssl 1.1.1d-0+deb10u2 (source) into stable->embargoed, stable (Sebastian Andrzej Siewior)
[2019-10-12] Accepted openssl 1.1.1d-2 (source) into unstable (Sebastian Andrzej Siewior)
[2019-10-05] Accepted openssl 1.1.0l-1~deb9u1 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Sebastian Andrzej Siewior)
[2019-10-05] Accepted openssl 1.1.1d-0+deb10u1 (source) into proposed-updates->stable-new, proposed-updates (Sebastian Andrzej Siewior)
[2019-10-02] openssl 1.1.1d-1 MIGRATED to testing (Debian testing watch)
[2019-10-01] Accepted openssl 1.1.1d-0+deb10u1 (source) into stable->embargoed, stable (Sebastian Andrzej Siewior)
[2019-10-01] Accepted openssl 1.1.0l-1~deb9u1 (source) into oldstable->embargoed, oldstable (Sebastian Andrzej Siewior)
[2019-09-25] Accepted openssl 1.0.1t-1+deb8u12 (source all amd64) into oldoldstable (Markus Koschany)
[2019-09-14] Accepted openssl 1.1.1d-1 (source) into unstable (Sebastian Andrzej Siewior)
[2019-07-05] Accepted openssl 1.1.0k-1~deb9u1 (source) into proposed-updates->stable-new, proposed-updates (Sebastian Andrzej Siewior)
[2019-07-01] Accepted openssl 1.1.0k-1~deb9u1 (source) into stable->embargoed, stable (Sebastian Andrzej Siewior)
[2019-06-16] openssl 1.1.1c-1 MIGRATED to testing (Debian testing watch)
[2019-05-30] Accepted openssl 1.1.1c-1 (source) into unstable (Sebastian Andrzej Siewior)
[2019-04-21] openssl 1.1.1b-2 MIGRATED to testing (Debian testing watch)
[2019-04-16] Accepted openssl 1.1.1b-2 (source) into unstable (Kurt Roeckx)
[2019-03-13] openssl 1.1.1b-1 MIGRATED to testing (Debian testing watch)
[2019-03-01] Accepted openssl 1.0.1t-1+deb8u11 (source all amd64) into oldstable (Markus Koschany)
[2019-02-26] Accepted openssl 1.1.1b-1 (source) into unstable (Kurt Roeckx)
[2018-12-03] Accepted openssl 1.1.0j-1~deb9u1 (source) into proposed-updates->stable-new, proposed-updates (Sebastian Andrzej Siewior)
[2018-11-30] Accepted openssl 1.1.0j-1~deb9u1 (source) into stable->embargoed, stable (Sebastian Andrzej Siewior)
[2018-11-25] openssl 1.1.1a-1 MIGRATED to testing (Debian testing watch)

1
2

bugs [bug history graph]

all: 67
RC: 0
I&N: 41
M&W: 26
F&P: 0
patch: 0

links

homepage
lintian (1, 4)
buildd: logs, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
security tracker
screenshots
l10n (91, -)
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.1.1f-1ubuntu2
123 bugs (6 patches)
patches for 1.1.1f-1ubuntu2

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing