[From nobody Sat Apr 11 15:51:06 2026
Received: (at 1130650-close) by bugs.debian.org; 11 Apr 2026 14:48:52 +0000
X-Spam-Checker-Version: SpamAssassin 4.0.1-bugs.debian.org_2005_01_02
 (2024-03-25) on buxtehude.debian.org
X-Spam-Level: 
X-Spam-Status: No, score=-113.0 required=4.0 tests=BAYES_00,DKIM_SIGNED,
 DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FOURLA,FVGT_m_MULTI_ODD,
 HAS_BUG_NUMBER,MD5_SHA1_SUM,PGPSIGNATURE,RCVD_IN_DNSWL_MED,
 SPF_HELO_PASS,SPF_NONE,USER_IN_DKIM_WELCOMELIST autolearn=ham
 autolearn_force=no version=4.0.1-bugs.debian.org_2005_01_02
X-Spam-Bayes: score:0.0000 Tokens: new, 111; hammy, 150; neutral, 231; spammy,
 0. spammytokens: hammytokens:0.000-+--HX-Debian:DAK,
 0.000-+--H*rp:D*ftp-master.debian.org, 0.000-+--HX-DAK:process-upload,
 0.000-+--UD:debian.tar.xz, 0.000-+--H*r:sk:fasolo.
Return-path: &lt;envelope@ftp-master.debian.org&gt;
Received: from mitropoulos.debian.org
 ([2001:648:2ffc:deb:216:61ff:fe9d:958d]:37286)
 by buxtehude.debian.org with esmtps
 (TLS1.3:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_256_GCM:256)
 (Exim 4.96) (envelope-from &lt;envelope@ftp-master.debian.org&gt;)
 id 1wBZdk-00EqWC-1J for 1130650-close@bugs.debian.org;
 Sat, 11 Apr 2026 14:48:52 +0000
Received: via submission
 from C=NA, ST=NA, L=Ankh Morpork, O=Debian SMTP, OU=Debian SMTP CA,
 CN=fasolo.debian.org, EMAIL=hostmaster@fasolo.debian.org (verified)
 by mitropoulos.debian.org with esmtps
 (TLS1.3:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_256_GCM:256)
 (Exim 4.96) (envelope-from &lt;envelope@ftp-master.debian.org&gt;)
 id 1wBZdg-0012vG-2h for 1130650-close@bugs.debian.org;
 Sat, 11 Apr 2026 14:48:49 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id:Content-Type:
 Subject:MIME-Version:To:Reply-To:From:Cc:Content-Transfer-Encoding:Content-ID
 :Content-Description:In-Reply-To:References;
 bh=B7t5jG/GiXdG9rYgCb6F42A9OPhsbciR6hAEiQBuhCc=; b=TfEEtqbJ1jcf5yBPlEvNELgg3L
 BPZdV+98Pys5vaDkm2n/oYukNuqLovMjzA/mLzSczhjwhWScLczaA26mPK13ynIGechT03V2irNWb
 HgXTxzR4G7xMLpATXjAf0VmVX8fuE44ZHKsKQkK1i45fqu7NIPcUPzAkCJHYEAk0L/zX55T3l2DRR
 nm/0k7FkyvmRBk9akGDTDYp06pvIzUD1+FLepsok0U9ZIn4LuK+3s0qBr/67rbxFTV2sI79LdJ0CV
 UMgcKXHk19Wp5n4pYyu3I/dFkdS5QZrScvoBbhhEb3Qes4EQIIzUVzpx9ChTGRFEDYY5iOi26KSAk
 t7qa+CJA==;
Received: from dak by fasolo.debian.org with local (Exim 4.98.2)
 (envelope-from &lt;envelope@ftp-master.debian.org&gt;)
 id 1wBZdf-00000004Xac-2Nqq; Sat, 11 Apr 2026 14:48:47 +0000
From: Debian FTP Masters &lt;ftpmaster@ftp-master.debian.org&gt;
Reply-To: Sebastian Andrzej Siewior &lt;sebastian@breakpoint.cc&gt;
To: 1130650-close@bugs.debian.org
X-DAK: dak process-upload
X-Debian: DAK
X-Debian-Package: openssl
Debian: DAK
Debian-Changes: openssl_3.6.2-1_source.changes
Debian-Source: openssl
Debian-Version: 3.6.2-1
Debian-Architecture: source
Debian-Suite: unstable
Debian-Archive-Action: accept
MIME-Version: 1.0
Subject: Bug#1130650: fixed in openssl 3.6.2-1
Content-Type: multipart/signed; micalg=&quot;pgp-sha256&quot;;
 protocol=&quot;application/pgp-signature&quot;;
 boundary=&quot;===============1364688596929629374==&quot;
Message-Id: &lt;E1wBZdf-00000004Xac-2Nqq@fasolo.debian.org&gt;
Date: Sat, 11 Apr 2026 14:48:47 +0000

--===============1364688596929629374==
Content-Type: text/plain; charset=&quot;utf-8&quot;
Content-Transfer-Encoding: quoted-printable

Source: openssl
Source-Version: 3.6.2-1
Done: Sebastian Andrzej Siewior &lt;sebastian@breakpoint.cc&gt;

We believe that the bug you reported is fixed in the latest version of
openssl, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1130650@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sebastian Andrzej Siewior &lt;sebastian@breakpoint.cc&gt; (supplier of updated open=
ssl package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 11 Apr 2026 16:27:58 +0200
Source: openssl
Architecture: source
Version: 3.6.2-1
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenSSL Team &lt;pkg-openssl-devel@alioth-lists.debian.net&gt;
Changed-By: Sebastian Andrzej Siewior &lt;sebastian@breakpoint.cc&gt;
Closes: 1130650
Changes:
 openssl (3.6.2-1) unstable; urgency=3Dmedium
 .
   * Import 3.6.2
    - CVE-2026-2673 (&quot;OpenSSL TLS 1.3 server may choose unexpected key agreem=
ent
      group&quot;) (Closes: #1130650).
    - CVE-2026-28387 (&quot;Potential use-after-free in DANE client code&quot;)
    - CVE-2026-28389 (&quot;Possible NULL dereference when processing CMS
      KeyAgreeRecipientInfo&quot;)
    - CVE-2026-28390 (&quot;Possible NULL dereference when processing CMS
      KeyTransportRecipient Info&quot;)
    - CVE-2026-31789 (&quot;Heap buffer overflow in hexadecimal conversion&quot;)
    - CVE-2026-31790 (&quot;Incorrect failure handling in RSA KEM RSASVE
      encapsulation&quot;)
    - CVE-2026-28386 (&quot;Out-of-bounds Read in AES-CFB-128 on X86-64 with AVX-5=
12
      Support&quot;)
    - CVE-2026-28388 (&quot;NULL Pointer Dereference When Processing a Delta CRL&quot;)
Checksums-Sha1:
 cd9d1831533cc75e9b81f3c40e3b8a85b0626cad 2849 openssl_3.6.2-1.dsc
 47596475539bdaf7e67448fae5bcd457d0262520 54913556 openssl_3.6.2.orig.tar.gz
 be40bbb4e145fe92738e222ca268b4be8835c53f 833 openssl_3.6.2.orig.tar.gz.asc
 fdd118da0376ccf839ab560bb0b7dbe0e3516648 48404 openssl_3.6.2-1.debian.tar.xz
Checksums-Sha256:
 c94552e5abc4935764624321bcd29e6c113c3c74af1b85239b523c9f01998e08 2849 openss=
l_3.6.2-1.dsc
 aaf51a1fe064384f811daeaeb4ec4dce7340ec8bd893027eee676af31e83a04f 54913556 op=
enssl_3.6.2.orig.tar.gz
 c325b2975a9be4fe03425286badbe7a380a6f1e98325c180024182fca62396c1 833 openssl=
_3.6.2.orig.tar.gz.asc
 4fa6b0d775292b983fba3e5686c850253fc978e9c07c13efb6bca030ac2e93c3 48404 opens=
sl_3.6.2-1.debian.tar.xz
Files:
 39945c096b4c891a7033d0293c071c52 2849 utils optional openssl_3.6.2-1.dsc
 f27e8f53ac612bb0e3e781a45799fb90 54913556 utils optional openssl_3.6.2.orig.=
tar.gz
 bcd46c3b8e3ecac700e11bc98ffb47c1 833 utils optional openssl_3.6.2.orig.tar.g=
z.asc
 a988c79fe1d267369aba3537f2076300 48404 utils optional openssl_3.6.2-1.debian=
.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEZCVGlf/wqkRmzBnme5boFiqM9dEFAmnaWpEACgkQe5boFiqM
9dEolA//X4G2csm0LPGulcrFjLXtQ5EWhkO9lMrwSKgKWvE/KItKbZAemioJplyx
UMQZzfcLD0L5A7uaF77mQ+mkrP3flWK84ymvcphnkFSHC5/MpYZl897V8VmM3QW3
7aHTzHw6y1BH5KrSknJb8CA7Gl2VYTQrYgHrrHm0BLokPH8n7Axc3vy0nR4eLRqc
rKs+dPp5/NkOhUwwkF6c+ijnKgnVU35fcqiXYSiVS8Qsdvrw4PAQ4drVH+i6oIcS
H20SDoNf0IkKRSk1k3rRbO5Yd67nuuUOe0aqfNCHUXd8A/Iy0FtRmTbzcTAmQAQM
Z7mx+wsJb/Oy+VPYX+0suK3vEYWkuWkyIytZIqy3jpx2wTdnTCQX+TWMsoUJ2oLW
NsWP7WIW+mLwrl4CFOxJjgQM5dvUIl4vA63dMOY3MMjb7paGG062B/EHjNm/K3Wd
zJA58tVYflwB0PCfWaBH+32Blf2nVrT0ynj1J60vKhG3A4KNsvkpnUZxno+Edt2c
CZE+sKNNRhgAYRU9P0/dM83SyWK8ZxOR2z6xpcPWrPB8Eqf+U2Jaqz2HhJUo1Vhe
D9G7T0H0NqFxakc82FrI6KGtoxySmzKdpvzX0luAHYz0sLZ8w/prLB/+Z+1T7rR8
o11afmo1SFtk9jho3tvZXKWHa2L0Or2GmYk2uGeF0Nw/u38r3Sc=3D
=3DfK2l
-----END PGP SIGNATURE-----


--===============1364688596929629374==
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----

iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCadpfTwAKCRCb9qggYcy5
IanNAP9mCTuGqDdriKleJT1SfpTi6MQ5XixVnhk3T+0S8xxsPQD/Qp+fGY6ZLGDN
kc6gNQrngIkmBxHbPuFCq7+HbTsAfww=
=hdG/
-----END PGP SIGNATURE-----

--===============1364688596929629374==--
]