[Pkg-openssl-devel] openssl_3.0.3-1_source.changes ACCEPTED into experimental
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Fri May 6 22:35:45 BST 2022
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 06 May 2022 22:21:52 +0200
Source: openssl
Architecture: source
Version: 3.0.3-1
Distribution: experimental
Urgency: medium
Maintainer: Debian OpenSSL Team <pkg-openssl-devel at alioth-lists.debian.net>
Changed-By: Sebastian Andrzej Siewior <sebastian at breakpoint.cc>
Closes: 948800 983722 1010360
Changes:
openssl (3.0.3-1) experimental; urgency=medium
.
* Import 3.0.3
- CVE-2022-1292 (The c_rehash script allows command injection).
- CVE-2022-1343 (OCSP_basic_verify may incorrectly verify the response
signing certificate).
- CVE-2022-1434 (Incorrect MAC key used in the RC4-MD5 ciphersuite).
- CVE-2022-1473 (Resource leakage when decoding certificates and keys).
- Add new symbols.
* Correct the openssl.cnf to provide proper default configuration. Thanks to
Matthias Blümel (Closes: #1010360).
* Use a separator in the CipherString in openssl.cnf (Closes: #948800).
* Remove the postinst script which was used to restart daemons after a
library upgrade. It is not updated and essentially dead code. Users are
advised to switch to checkrestart/ needrestart or a similar service.
Thanks to Helmut Grohne (Closes: #983722).
Checksums-Sha1:
58deaf4ca08c283e2109a0d982b8117d000f6eb4 2634 openssl_3.0.3-1.dsc
1138de3f1a2f573ae69302ab52ecd9bbf5e063ca 15058905 openssl_3.0.3.orig.tar.gz
8f885437a2a5df235ddc2d5cba46477cccca335d 488 openssl_3.0.3.orig.tar.gz.asc
2eb3663ea5256b5591cd8cac4ac1561f76c4698f 68068 openssl_3.0.3-1.debian.tar.xz
Checksums-Sha256:
7cc5c615c5d270ffc7425fe62486edf84057439b3d208b88892b2978ca7dec27 2634 openssl_3.0.3-1.dsc
ee0078adcef1de5f003c62c80cc96527721609c6f3bb42b7795df31f8b558c0b 15058905 openssl_3.0.3.orig.tar.gz
3518d826c0758ab218a318cf5f2d44abe9191d85fb598e830120def6e575cd4b 488 openssl_3.0.3.orig.tar.gz.asc
2d063fc062e9feffc3212845cc9a96d42a102e14bb39eefab10b538593838f7d 68068 openssl_3.0.3-1.debian.tar.xz
Files:
d187f0b16b3e61a8b684f4119eded14a 2634 utils optional openssl_3.0.3-1.dsc
07e9048cd2b1a22668b13ec9cd093cb5 15058905 utils optional openssl_3.0.3.orig.tar.gz
665c50638601a1dff3949d69270a6fba 488 utils optional openssl_3.0.3.orig.tar.gz.asc
25152c3a540892d9ceea44b8e21f8deb 68068 utils optional openssl_3.0.3-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQJMBAEBCgA2FiEEZCVGlf/wqkRmzBnme5boFiqM9dEFAmJ1hrkYHHNlYmFzdGlh
bkBicmVha3BvaW50LmNjAAoJEHuW6BYqjPXRTo4P/j1UIS3p8oUNwwtYN4NO79q8
ZdGdTE7Tq9T/6hiGVzLoowWgtx2xAKtOD58waq5roxfs34oCB4nykdieLrPglVJl
HxaoG99FP8NGcKrKU35d98Qi7P2Z5UMY4OQ5NoVi/fZCjzXQI+Ny5CRXSEqfngPR
x5at3a+GpawGJE9uq5tudrBvD/sAv9VfVl/j732YXmkNfpU+bPs+/K066m5kNNlF
L0YB5ekwFcwDwGMNi1X/6MOfylFy2p5mnTGUdyQ487kYMeqO4hVmFd32HeqRcOXe
ZCUYuesCh2oVKw7I8lwRJbRx0QVhvc4de8hQV/k4V+9WUZsQamwODpuraEP6dEgx
ZL7OjNbCvaAhlJQ315JJz/S49T6NmWhJlAoWTISXWOcrxPHFRfr3V8hTbn/q/vat
BTf8CK7LtshKrCAXZYec5DkfaS/ur1vWw0mJP7drQvWlt/u/Ri2tSYxD3Wk63w8n
icCBhGwY+yFl++JcqnAv8dpW/QnpqFFGiW/4Xp9txjKCKbQeNMxgYSz7gNO84pKK
smUNrKO6cltBwsLYIlQJSKVmCKjt0255dlOLu8KuEn8pP+A6N2Yl4FlQLJLNXP3b
3ZXVdu/QjThjDRKWjQVjRm8kaXUSakNFIOqPqk0JCHBmXutuMsus/DEc4zDFAIuu
Iggvg24uRL/F98xwNvh5
=Xmxg
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the Pkg-openssl-devel
mailing list