1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES

  • Accepted openssl 3.0.14-1~deb12u1 (source) into proposed-updates

    From Debian FTP Masters@21:1/5 to All on Thu Aug 22 17:50:02 2024
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    Format: 1.8
    Date: Thu, 15 Aug 2024 23:51:02 +0200
    Source: openssl
    Architecture: source
    Version: 3.0.14-1~deb12u1
    Distribution: bookworm
    Urgency: medium
    Maintainer: Debian OpenSSL Team <pkg-openssl-devel@alioth-lists.debian.net> Changed-By: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
    Closes: 1068658 1071972 1072113
    Changes:
    openssl (3.0.14-1~deb12u1) bookworm; urgency=medium
    .
    * Import 3.0.14
    - CVE-2024-2511 (Unbounded memory growth with session handling in TLSv1.3)
    (Closes: #1068658).
    - CVE-2024-4603 (Excessive time spent checking DSA keys and parameters)
    (Closes: #1071972).
    - CVE-2024-4741 (Use After Free with SSL_free_buffers)
    (Closes: #1072113).
    Checksums-Sha1:
    5c392cadce27d615f684c339c9cc036f0586c6db 2675 openssl_3.0.14-1~deb12u1.dsc
    80b67212212a5ba81b071026d1ad851d6cbcca93 15305497 openssl_3.0.14.orig.tar.gz
    31dbe278f6d86a380e6c73d58f58543d7ebacad2 833 openssl_3.0.14.orig.tar.gz.asc
    95dd9539f1dc2fbe5f24569b920ace0bb73d0203 69364 openssl_3.0.14-1~deb12u1.debian.tar.xz
    Checksums-Sha256:
    4d5c553aa0c03f3d3c95faedf6446736fc1b52e45c2c5a7686d60e5284a4f167 2675 openssl_3.0.14-1~deb12u1.dsc
    eeca035d4dd4e84fc25846d952da6297484afa0650a6f84c682e39df3a4123ca 15305497 openssl_3.0.14.orig.tar.gz
    251c0453a8ea7716cb6ce6cf67f8ca4ae48fbed97a924167ef8f271dd387033b 833 openssl_3.0.14.orig.tar.gz.asc
    307e7aa3ae64599c46ccfbdb67e41d3648bb58879d77b413cbe9184a5f3d9f40 69364 openssl_3.0.14-1~deb12u1.debian.tar.xz
    Files:
    c2faa49dacd5c8aba779bf813c4b0828 2675 utils optional openssl_3.0.14-1~deb12u1.dsc
    e6fe71fb59a502db54a25cd0f34ea67e 15305497 utils optional openssl_3.0.14.orig.tar.gz
    c33eb94718076b0353c1331695b8d83a 833 utils optional openssl_3.0.14.orig.tar.gz.asc
    1e4a47c3ba8c284026a3fb3541afb951 69364 utils optional openssl_3.0.14-1~deb12u1.debian.tar.xz

    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEZCVGlf/wqkRmzBnme5boFiqM9dEFAmbBEJAACgkQe5boFiqM 9dHVhA//U9Ku03SNjR5XxW8T2Nw0u3vWNLW2KFiUslJWArQ0Iyn7zJb1doARy4FE 9wcJGCZsI1H38asayZwQTzdq18llykfWM1VEeoxFUGXJrTnVGz+95LClxgl6c+h/ EUoLstlLWw054ognOZjIrI+0ZMQW9i5BLarQqtYGwK3zLwz0ocsvVvIMpZ8oaaDO h56xmbvA4h01Pi2KiOzJn2ZZEQwtNFAnAPw+cJlf0tbGne7d0B23KVEvD0dL2Pnd YGfZM7WBmqGecplpXo3gkVaCrBIIkpnPV/YIZqCoKvBysvHlDRI3OSXPzdGQLdO/ Wy4sjmVfi8UL7mscpYL6IMSxjz1Sk9n78IuAyk2inpyK3IpGOheasl9bB5PqO74z AtTZgL6ubLjJkHzUpBIJbDVzirK+0BxgdrlZcv9ERAH9cuNvSqDRWN4VfxBZ/jsp Ye66nUWqVLIlGfGPzaLvjbwzM2hkBYYhjYVKQgIjOxaZKouXJCGmbuVEXUju1GDU FZUvID2wF1VZ+Xlh4xhKdLEP2Ykntz1qh8sGtgzyvhDvTjr8HmcaD9WHbGQrvDir wI9hKPIALcKEc7Uf9Yqa1WxhY0/yeOEJRVJU0tp9Y808dCwRYzUTm2Gfq5dZR+3r XvdD+tKtPEeJsJ5QrCZDm+hEHVhSWAnDIF5l3FZ6Sb3KJRHxkUY=
    =gK1p
    -----END PGP SIGNATURE-----


    --=============="93230825789849029=Content-Type: application/pgp-signature

    -----BEGIN PGP SIGNATURE-----

    iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCZsddfgAKCRCb9qggYcy5 IfelAQD79TswoUHE5SsL+EgkXUYyaxXOZSfh6GiIwOqwsn/TZAEA9R/QHwZgR95L aRyvjXtjdSq9SHibTi+dLzP3o9rWHwM=d+Qp
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)