Changelog
openssl (3.0.3-1) experimental; urgency=medium
  * Import 3.0.3
    - CVE-2022-1292 (The c_rehash script allows command injection).
    - CVE-2022-1343 (OCSP_basic_verify may incorrectly verify the response
      signing certificate).
    - CVE-2022-1434 (Incorrect MAC key used in the RC4-MD5 ciphersuite).
    - CVE-2022-1473 (Resource leakage when decoding certificates and keys).
    - Add new symbols.
  * Correct the openssl.cnf to provide proper default configuration. Thanks to
    Matthias Blümel (Closes: #1010360).
  * Use a separator in the CipherString in openssl.cnf (Closes: #948800).
  * Remove the postinst script which was used to restart daemons after a
    library upgrade. It is not updated and essentially dead code. Users are
    advised to switch to checkrestart/needrestart or a similar service.
    Thanks to Helmut Grohne (Closes: #983722).

 -- Sebastian Andrzej Siewior <email address hidden>  Fri, 06 May 2022 22:21:52 +0200