[From nobody Wed Apr 8 18:35:07 2026 Received: (at 1130650-close) by bugs.debian.org; 8 Apr 2026 17:32:10 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1-bugs.debian.org_2005_01_02 (2024-03-25) on buxtehude.debian.org X-Spam-Level: X-Spam-Status: No, score=-113.0 required=4.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FOURLA,FVGT_m_MULTI_ODD, HAS_BUG_NUMBER,MD5_SHA1_SUM,PGPSIGNATURE,RCVD_IN_DNSWL_MED, SPF_HELO_PASS,SPF_NONE,USER_IN_DKIM_WELCOMELIST autolearn=ham autolearn_force=no version=4.0.1-bugs.debian.org_2005_01_02 X-Spam-Bayes: score:0.0000 Tokens: new, 117; hammy, 150; neutral, 172; spammy, 0. spammytokens: hammytokens:0.000-+--HX-Debian:DAK, 0.000-+--H*rp:D*ftp-master.debian.org, 0.000-+--UD:debian.tar.xz, 0.000-+--H*r:sk:fasolo., 0.000-+--H*MI:fasolo Return-path: <envelope@ftp-master.debian.org> Received: from mitropoulos.debian.org ([2001:648:2ffc:deb:216:61ff:fe9d:958d]:36850) by buxtehude.debian.org with esmtps (TLS1.3:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_256_GCM:256) (Exim 4.96) (envelope-from <envelope@ftp-master.debian.org>) id 1wAWl8-006Tq1-0L for 1130650-close@bugs.debian.org; Wed, 08 Apr 2026 17:32:10 +0000 Received: via submission from C=NA, ST=NA, L=Ankh Morpork, O=Debian SMTP, OU=Debian SMTP CA, CN=fasolo.debian.org, EMAIL=hostmaster@fasolo.debian.org (verified) by mitropoulos.debian.org with esmtps (TLS1.3:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_256_GCM:256) (Exim 4.96) (envelope-from <envelope@ftp-master.debian.org>) id 1wAWl6-00Fd0m-1J for 1130650-close@bugs.debian.org; Wed, 08 Apr 2026 17:32:08 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id:Content-Type: Subject:MIME-Version:To:Reply-To:From:Cc:Content-Transfer-Encoding:Content-ID :Content-Description:In-Reply-To:References; bh=e2DIXvfLc8X1OPEvfsEnuhE8iXNdaPf4lUy7l30xa/U=; b=UfZ2WrHTG4E+mfJfqfJ+ymirC8 4vic+FOuNVQu7zXeqK3DIqAuQa0Y3nMwB9MQLfBw95BvD/CQ2W3BNf6ElpAARjPYMaNFUAWom2d/w MuGc1wOR9KdZIFwbLYEHO/zGoj5AeJIjLd/PbUy0Upz8S5C5rAUrbBzKCASoh+LLfbcy9TJDF9L3T 30WQNhBYIWmfR7o4gxxjIu0i+xVnq4IjUs4dC9EhLwOk+oZY0McxBvU1PozNHE4J+/KeJheR+/Bhc 5Zrgzg9Bl2l/TmrXjErMtn5rkL0V7YvHG+P5XzMrhM+GlQLLXcOuLYQ/EcB2qgCvULNe+rJXgf4lC rYud1dFA==; Received: from dak by fasolo.debian.org with local (Exim 4.98.2) (envelope-from <envelope@ftp-master.debian.org>) id 1wAWl5-00000009wfs-0pdA; Wed, 08 Apr 2026 17:32:07 +0000 From: Debian FTP Masters <ftpmaster@ftp-master.debian.org> Reply-To: Sebastian Andrzej Siewior <sebastian@breakpoint.cc> To: 1130650-close@bugs.debian.org X-DAK: dak process-policy X-Debian: DAK X-Debian-Package: openssl Debian: DAK Debian-Changes: openssl_3.5.5-1~deb13u2_source.changes Debian-Source: openssl Debian-Version: 3.5.5-1~deb13u2 Debian-Architecture: source Debian-Suite: proposed-updates Debian-Archive-Action: accept MIME-Version: 1.0 Subject: Bug#1130650: fixed in openssl 3.5.5-1~deb13u2 Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="===============5791765775702195719==" Message-Id: <E1wAWl5-00000009wfs-0pdA@fasolo.debian.org> Date: Wed, 08 Apr 2026 17:32:07 +0000 --===============5791765775702195719== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Source: openssl Source-Version: 3.5.5-1~deb13u2 Done: Sebastian Andrzej Siewior <sebastian@breakpoint.cc> We believe that the bug you reported is fixed in the latest version of openssl, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1130650@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Sebastian Andrzej Siewior <sebastian@breakpoint.cc> (supplier of updated open= ssl package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 03 Apr 2026 12:05:32 +0200 Source: openssl Architecture: source Version: 3.5.5-1~deb13u2 Distribution: trixie-security Urgency: medium Maintainer: Debian OpenSSL Team <pkg-openssl-devel@alioth-lists.debian.net> Changed-By: Sebastian Andrzej Siewior <sebastian@breakpoint.cc> Closes: 1130650 Changes: openssl (3.5.5-1~deb13u2) trixie-security; urgency=3Dmedium . * CVE-2026-2673 ("OpenSSL TLS 1.3 server may choose unexpected key agreeme= nt group") (Closes: #1130650). * CVE-2026-28387 ("Potential use-after-free in DANE client code") * CVE-2026-28389 ("Possible NULL dereference when processing CMS KeyAgreeRecipientInfo") * CVE-2026-28390 ("Possible NULL dereference when processing CMS KeyTransportRecipient Info") * CVE-2026-31789 ("Heap buffer overflow in hexadecimal conversion") * CVE-2026-31790 ("Incorrect failure handling in RSA KEM RSASVE encapsulation") Checksums-Sha1: 1b684312654efc3e4287d53d37d8c3ff30198f2e 2707 openssl_3.5.5-1~deb13u2.dsc 72a5ebbdd30bc28a66f069e2d50c66a007c324d2 53104821 openssl_3.5.5.orig.tar.gz ff7a37d551ce7f25695266d29fb1439ba3f6b43f 833 openssl_3.5.5.orig.tar.gz.asc 0e093b26fc47e8b99af77cca92281e94b215f58a 68136 openssl_3.5.5-1~deb13u2.debia= n.tar.xz Checksums-Sha256: 2cba43d38a2f4ca1ef09a89ccc348fc63a5a43a58850a913bca46c6ceeb007ed 2707 openss= l_3.5.5-1~deb13u2.dsc b28c91532a8b65a1f983b4c28b7488174e4a01008e29ce8e69bd789f28bc2a89 53104821 op= enssl_3.5.5.orig.tar.gz eaef5b1054b84b8d1e6c61c9fc8867828be5ce686d0221580faf8bdc16489da9 833 openssl= _3.5.5.orig.tar.gz.asc 92355f8cd5112cb4d49b9487c30507e5f85fc5497ad85223aecf661566f5ad8e 68136 opens= sl_3.5.5-1~deb13u2.debian.tar.xz Files: b28c013d3c00557c197d77ebf888e9df 2707 utils optional openssl_3.5.5-1~deb13u2= .dsc 9c86d929c3d1067e2c88239d7d1ce81b 53104821 utils optional openssl_3.5.5.orig.= tar.gz 7e827079c420b263e8dadfe6fafcdf40 833 utils optional openssl_3.5.5.orig.tar.g= z.asc 546d0630d836b93a246280c9d0b22cce 68136 utils optional openssl_3.5.5-1~deb13u= 2.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQGzBAEBCgAdFiEEV4kucFIzBRM39v3RBWQfF1cS+lsFAmnP1/sACgkQBWQfF1cS +luvYwv/fPMCAWEVdNBypeB0C2Dnot61OFmIpsykPkHwPP8HbSu4AOikXEQSki7j 6mg7hM7AJ0liwMSEpbihzawbc0mQ6KchyC4/fWz0RSH2QMk8aP6bM7WzGFC2hVP1 /PBZRhcqPf/Nj/u6+TgMJoS/11D3lZecnGYqXwWLvNnALNi8a7Z5vhBKGKvCqxsU 6tuGb7AdLt6m6Slm1hhIEHr8+0WdVBWTW5dLpTfiKusaf8pH5WoCY8/60ChjvwX6 LWSGq4Rikauix0HI3ryb8yJeNPOFtpvW0W5KfW/wFnN0Dc4gE/DPgj/+511FRJP1 VOjJULzFI68FDWuI44cmWyLug0yCI3oq3y7h7h4/IwqBX9B/XydElHf+PjQjwnTg fGMYjGpIOiI7XdiuR+L4lwndktHKjqjnv8ZXCUwMPucT7Wr8Gd5TwAODcIa10k7+ CgBDc4YbwxYKj7Mhj3BgGpCg+COljnnrgpI+lDTVHx7RGZwKCPACLo2+Ox/BUid3 gdOG14Ne =3DaD9m -----END PGP SIGNATURE----- --===============5791765775702195719== Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCadaRFwAKCRCb9qggYcy5 IcCpAP9B3isnV4i2+avkvQzxGMd7UlY+kdS1mmwlXY8rhvMu/AEAtolQ2Z+/Mz4T hj5mQDm48JEU/UfP65YUSKskgmxZFAI= =pZ4L -----END PGP SIGNATURE----- --===============5791765775702195719==-- ]