openssl 1.1.1f-1ubuntu2.17 source package in Ubuntu
Changelog
openssl (1.1.1f-1ubuntu2.17) focal-security; urgency=medium * SECURITY UPDATE: Timing Oracle in RSA Decryption - debian/patches/CVE-2022-4304.patch: fix timing oracle in crypto/bn/bn_blind.c, crypto/bn/bn_err.c, crypto/bn/bn_local.h, crypto/bn/build.info, crypto/bn/rsa_sup_mul.c, crypto/err/openssl.txt, crypto/rsa/rsa_ossl.c, include/crypto/bn.h, include/openssl/bnerr.h. - CVE-2022-4304 * SECURITY UPDATE: Double free after calling PEM_read_bio_ex - debian/patches/CVE-2022-4450-1.patch: avoid dangling ptrs in header and data params for PEM_read_bio_ex in crypto/pem/pem_lib.c. - debian/patches/CVE-2022-4450-2.patch: add a test in test/pemtest.c. - CVE-2022-4450 * SECURITY UPDATE: Use-after-free following BIO_new_NDEF - debian/patches/CVE-2023-0215-1.patch: fix a UAF resulting from a bug in BIO_new_NDEF in crypto/asn1/bio_ndef.c. - debian/patches/CVE-2023-0215-2.patch: check CMS failure during BIO setup with -stream is handled correctly in test/recipes/80-test_cms.t, test/smime-certs/badrsa.pem. - CVE-2023-0215 * SECURITY UPDATE: X.400 address type confusion in X.509 GeneralName - debian/patches/CVE-2023-0286.patch: fix GENERAL_NAME_cmp for x400Address in crypto/x509/v3_genn.c, include/openssl/x509v3.h, test/v3nametest.c. - CVE-2023-0286 -- Marc Deslauriers <email address hidden> Mon, 06 Feb 2023 12:57:17 -0500
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- utils
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
openssl_1.1.1f.orig.tar.gz | 9.3 MiB | 186c6bfe6ecfba7a5b48c47f8a1673d0f3b0e5ba2e25602dd23b629975da3f35 |
openssl_1.1.1f-1ubuntu2.17.debian.tar.xz | 214.3 KiB | 367832d6b3cbfc5203efb3aac67c22a422cd08315f67436d641805b520d9f06b |
openssl_1.1.1f-1ubuntu2.17.dsc | 2.4 KiB | d1ad1cb4ca8b04e1102074b056336d47796869289c18c9883ea21eac4271896c |
Available diffs
Binary packages built by this source
- libcrypto1.1-udeb: Secure Sockets Layer toolkit - libcrypto udeb
This package is part of the OpenSSL project's implementation of the SSL
and TLS cryptographic protocols for secure communication over the
Internet.
.
It contains a version of the libcrypto shared library for use with the
Debian Installer. Do not install it on a normal system.
- libssl-dev: Secure Sockets Layer toolkit - development files
This package is part of the OpenSSL project's implementation of the SSL
and TLS cryptographic protocols for secure communication over the
Internet.
.
It contains development libraries, header files, and manpages for libssl
and libcrypto.
- libssl-doc: Secure Sockets Layer toolkit - development documentation
This package is part of the OpenSSL project's implementation of the SSL
and TLS cryptographic protocols for secure communication over the
Internet.
.
It contains manpages and demo files for libssl and libcrypto.
- libssl1.1: Secure Sockets Layer toolkit - shared libraries
This package is part of the OpenSSL project's implementation of the SSL
and TLS cryptographic protocols for secure communication over the
Internet.
.
It provides the libssl and libcrypto shared libraries.
- libssl1.1-dbgsym: debug symbols for libssl1.1
- libssl1.1-udeb: ssl shared library - udeb
libssl shared library.
.
Do not install it on a normal system.
- openssl: Secure Sockets Layer toolkit - cryptographic utility
This package is part of the OpenSSL project's implementation of the SSL
and TLS cryptographic protocols for secure communication over the
Internet.
.
It contains the general-purpose command line binary /usr/bin/openssl,
useful for cryptographic operations such as:
* creating RSA, DH, and DSA key parameters;
* creating X.509 certificates, CSRs, and CRLs;
* calculating message digests;
* encrypting and decrypting with ciphers;
* testing SSL/TLS clients and servers;
* handling S/MIME signed or encrypted mail.
- openssl-dbgsym: debug symbols for openssl