openssl 1.1.1j-1ubuntu1 source package in Ubuntu

Changelog

openssl (1.1.1j-1ubuntu1) hirsute; urgency=medium

  * Merge from Debian unstable.  Remaining changes:
    - Replace duplicate files in the doc directory with symlinks.
    - debian/libssl1.1.postinst:
      + Display a system restart required notification on libssl1.1
        upgrade on servers, unless needrestart is available.
      + Use a different priority for libssl1.1/restart-services depending
        on whether a desktop, or server dist-upgrade is being performed.
      + Skip services restart & reboot notification if needrestart is in-use.
      + Bump version check to to 1.1.1.
      + Import libraries/restart-without-asking template as used by above.
    - Revert "Enable system default config to enforce TLS1.2 as a
      minimum" & "Increase default security level from 1 to 2".
    - Reword the NEWS entry, as applicable on Ubuntu.
    - Cherrypick s390x SIMD acceleration patches for poly1305 and chacha20
      and ECC from master.
    - Use perl:native in the autopkgtest for installability on i386.
    - Set OPENSSL_TLS_SECURITY_LEVEL=2 as compiled-in minimum security
      level. Change meaning of SECURITY_LEVEL=2 to prohibit TLS versions
      below 1.2 and update documentation. Previous default of 1, can be set
      by calling SSL_CTX_set_security_level(), SSL_set_security_level() or
      using ':@SECLEVEL=1' CipherString value in openssl.cfg.
    - Import https://github.com/openssl/openssl/pull/12272.patch to enable
      CET.
  * Add support for building with noudeb build profile.

openssl (1.1.1j-1) unstable; urgency=medium

  * New upstream version.
   - CVE-2021-23841 (NULL pointer deref in X509_issuer_and_serial_hash()).
   - CVE-2021-23840 (Possible overflow of the output length argument in
     EVP_CipherUpdate(), EVP_EncryptUpdate() and EVP_DecryptUpdate()).

openssl (1.1.1i-3ubuntu2) hirsute; urgency=medium

  * No-change rebuild to drop the udeb package.

openssl (1.1.1i-3ubuntu1) hirsute; urgency=medium

  * Merge from Debian unstable.  Remaining changes:
    - Replace duplicate files in the doc directory with symlinks.
    - debian/libssl1.1.postinst:
      + Display a system restart required notification on libssl1.1
        upgrade on servers, unless needrestart is available.
      + Use a different priority for libssl1.1/restart-services depending
        on whether a desktop, or server dist-upgrade is being performed.
      + Skip services restart & reboot notification if needrestart is in-use.
      + Bump version check to to 1.1.1.
      + Import libraries/restart-without-asking template as used by above.
    - Revert "Enable system default config to enforce TLS1.2 as a
      minimum" & "Increase default security level from 1 to 2".
    - Reword the NEWS entry, as applicable on Ubuntu.
    - Cherrypick s390x SIMD acceleration patches for poly1305 and chacha20
      and ECC from master.
    - Use perl:native in the autopkgtest for installability on i386.
    - Set OPENSSL_TLS_SECURITY_LEVEL=2 as compiled-in minimum security
      level. Change meaning of SECURITY_LEVEL=2 to prohibit TLS versions
      below 1.2 and update documentation. Previous default of 1, can be set
      by calling SSL_CTX_set_security_level(), SSL_set_security_level() or
      using ':@SECLEVEL=1' CipherString value in openssl.cfg.
    - Import https://github.com/openssl/openssl/pull/12272.patch to enable
      CET.

  * Drop many patches included upstream.

openssl (1.1.1i-3) unstable; urgency=medium

  * Cherry-pick a patch from upstream to address #13931.
  * Enable LFS. Thanks to Dan Nicholson for debugging (Closes: #923479).

openssl (1.1.1i-2) unstable; urgency=medium

  * Apply two patches from upstream to address x509 related regressions.

openssl (1.1.1i-1) unstable; urgency=medium

  * New upstream version.
    - CVE-2020-1971 (EDIPARTYNAME NULL pointer de-reference).
    - Restore rejection of expired trusted (root) certificate
      (Closes: #976465).

openssl (1.1.1h-1) unstable; urgency=medium

  * New upstream version
  * Disable CAPI engine, it is designed for Windows.

openssl (1.1.1g-1) unstable; urgency=medium

  * New upstream version
    - CVE-2020-1967 (Segmentation fault in SSL_check_chain).

 -- Dimitri John Ledkov <email address hidden>  Tue, 23 Feb 2021 22:01:12 +0000

Upload details

Uploaded by:
Dimitri John Ledkov
Uploaded to:
Hirsute
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
utils
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
openssl_1.1.1j.orig.tar.gz 9.4 MiB aaf2fcb575cdf6491b98ab4829abf78a3dec8402b8b81efc8f23c00d443981bf
openssl_1.1.1j.orig.tar.gz.asc 488 bytes 02571ae2fb2de5a1bc613106caabb1c4007b5268312aba221ed873c365fd9c99
openssl_1.1.1j-1ubuntu1.debian.tar.xz 140.7 KiB 4b6186e519930241c54527e1ac981fd3dfa5358263e40dff0566d82238a5774b
openssl_1.1.1j-1ubuntu1.dsc 2.7 KiB fad10895c5bdae8b050a8e48170d83a7d0099786187bf4f19fef9e8a586f5ae2

View changes file

Binary packages built by this source

libssl-dev: Secure Sockets Layer toolkit - development files

 This package is part of the OpenSSL project's implementation of the SSL
 and TLS cryptographic protocols for secure communication over the
 Internet.
 .
 It contains development libraries, header files, and manpages for libssl
 and libcrypto.

libssl-doc: Secure Sockets Layer toolkit - development documentation

 This package is part of the OpenSSL project's implementation of the SSL
 and TLS cryptographic protocols for secure communication over the
 Internet.
 .
 It contains manpages and demo files for libssl and libcrypto.

libssl1.1: Secure Sockets Layer toolkit - shared libraries

 This package is part of the OpenSSL project's implementation of the SSL
 and TLS cryptographic protocols for secure communication over the
 Internet.
 .
 It provides the libssl and libcrypto shared libraries.

libssl1.1-dbgsym: debug symbols for libssl1.1
openssl: Secure Sockets Layer toolkit - cryptographic utility

 This package is part of the OpenSSL project's implementation of the SSL
 and TLS cryptographic protocols for secure communication over the
 Internet.
 .
 It contains the general-purpose command line binary /usr/bin/openssl,
 useful for cryptographic operations such as:
  * creating RSA, DH, and DSA key parameters;
  * creating X.509 certificates, CSRs, and CRLs;
  * calculating message digests;
  * encrypting and decrypting with ciphers;
  * testing SSL/TLS clients and servers;
  * handling S/MIME signed or encrypted mail.

openssl-dbgsym: debug symbols for openssl