Format: 1.8
Date: Mon, 17 Apr 2023 15:11:39 -0300
Source: openssl
Binary: libcrypto1.1-udeb libssl-dev libssl1.1 libssl1.1-udeb openssl
Architecture: arm64 arm64_translations
Version: 1.1.1f-1ubuntu2.18
Distribution: focal
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos01-arm64-019.buildd>
Changed-By: Camila Camargo de Matos <camila.camargodematos@canonical.com>
Description:
 libcrypto1.1-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl1.1  - Secure Sockets Layer toolkit - shared libraries
 libssl1.1-udeb - ssl shared library - udeb (udeb)
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
Changes:
 openssl (1.1.1f-1ubuntu2.18) focal-security; urgency=medium
 .
   * SECURITY UPDATE: excessive resource use when verifying policy constraints
     - debian/patches/CVE-2023-0464-1.patch: limit the number of nodes created
       in a policy tree (the default limit is set to 1000 nodes).
     - debian/patches/CVE-2023-0464-2.patch: add test cases for the policy
       resource overuse.
     - debian/patches/CVE-2023-0464-3.patch: disable the policy tree
       exponential growth test conditionally.
     - CVE-2023-0464
   * SECURITY UPDATE: invalid certificate policies ignored in leaf certificates
     - debian/patches/CVE-2023-0465-1.patch: ensure that EXFLAG_INVALID_POLICY
       is checked even in leaf certs.
     - debian/patches/CVE-2023-0465-2.patch: generate some certificates with
       the certificatePolicies extension.
     - debian/patches/CVE-2023-0465-3.patch: add a certificate policies test.
     - CVE-2023-0466
   * SECURITY UPDATE: certificate policy check in X509_VERIFY_PARAM_add0_policy
     not enabled as documented
     - debian/patches/CVE-2023-0466.patch: fix documentation of
       X509_VERIFY_PARAM_add0_policy().
     - CVE-2023-0466
Checksums-Sha1:
 42f00c5f82bea3c727bd677959225e121c1ebe5d 948016 libcrypto1.1-udeb_1.1.1f-1ubuntu2.18_arm64.udeb
 95312945d88dbf3f8f3300ae355861f76009aeb8 1463680 libssl-dev_1.1.1f-1ubuntu2.18_arm64.deb
 5fd5def6a19358f4cccdbb50af4d4c52b942f4d6 2895112 libssl1.1-dbgsym_1.1.1f-1ubuntu2.18_arm64.ddeb
 a5074b38628bfcd60eef9986744587d35d23c231 173340 libssl1.1-udeb_1.1.1f-1ubuntu2.18_arm64.udeb
 6fddfb6ecc51a6aab36559cf4ecc35bf24c5334a 1158168 libssl1.1_1.1.1f-1ubuntu2.18_arm64.deb
 750cd24f2266c8b4a6038fa40cd29fe516b80e37 546168 openssl-dbgsym_1.1.1f-1ubuntu2.18_arm64.ddeb
 0fc448055cb9d622ce3104870d27eac4ab0c57c5 7426 openssl_1.1.1f-1ubuntu2.18_arm64.buildinfo
 f55570dd86bd2de15d46e0b129a112f3f568a9a2 599836 openssl_1.1.1f-1ubuntu2.18_arm64.deb
 30cb70f0ad3b06971b79ebd37f3c2676b35f6b02 27580 openssl_1.1.1f-1ubuntu2.18_arm64_translations.tar.gz
Checksums-Sha256:
 a7e71cbd5ecf659ac762a32d0589008b23498538001a304bbd347fa7eb9daf28 948016 libcrypto1.1-udeb_1.1.1f-1ubuntu2.18_arm64.udeb
 767f69c900c3b98cb0f5b231b5eb8543c28996eb490eddb1012eda237a4dbbb3 1463680 libssl-dev_1.1.1f-1ubuntu2.18_arm64.deb
 01d621a9f2137e3b93ad59241faf28639c69a2d0a878d95b8698280451f14013 2895112 libssl1.1-dbgsym_1.1.1f-1ubuntu2.18_arm64.ddeb
 3f5f2e755b688db6daa930983941255b7828ed5d5a893d77e6b52a5a1cf0cac3 173340 libssl1.1-udeb_1.1.1f-1ubuntu2.18_arm64.udeb
 b9e64658fc37a37b6eb4c79bec48266e632b233484c5fcbfaf3986799b52ba44 1158168 libssl1.1_1.1.1f-1ubuntu2.18_arm64.deb
 60f8e6cb7854feccef50b768a5ee57c5184fdc80054608dc54fc4190d4583c87 546168 openssl-dbgsym_1.1.1f-1ubuntu2.18_arm64.ddeb
 b2b86ebe375824c27a4e9b4e255ded33cabe820890a2fb8d2c6a786b75fffb08 7426 openssl_1.1.1f-1ubuntu2.18_arm64.buildinfo
 6d4240cf2d355506e0b1c23bff8837fb29184a96201a114cdcc8ab4b8a796043 599836 openssl_1.1.1f-1ubuntu2.18_arm64.deb
 96e5d81a4db99c1fbb750692b2e4c742f74dd7736212230c06d28266467b1c6b 27580 openssl_1.1.1f-1ubuntu2.18_arm64_translations.tar.gz
Files:
 3006b03135ccb70e7bf4f0dce39c82a2 948016 debian-installer optional libcrypto1.1-udeb_1.1.1f-1ubuntu2.18_arm64.udeb
 c49c10ae577219c81dc5d851614a9cfc 1463680 libdevel optional libssl-dev_1.1.1f-1ubuntu2.18_arm64.deb
 bd8f2d9e54dab3e238a43679d73a11a7 2895112 debug optional libssl1.1-dbgsym_1.1.1f-1ubuntu2.18_arm64.ddeb
 c19848c04b434bfb0d6420725058b2e6 173340 debian-installer optional libssl1.1-udeb_1.1.1f-1ubuntu2.18_arm64.udeb
 d8f66b2fbb4208b0209debfd0a765a4d 1158168 libs optional libssl1.1_1.1.1f-1ubuntu2.18_arm64.deb
 82db8262bf40eda55419c493f76613f8 546168 debug optional openssl-dbgsym_1.1.1f-1ubuntu2.18_arm64.ddeb
 759541c134fde05b52fbbc61e3f37023 7426 utils optional openssl_1.1.1f-1ubuntu2.18_arm64.buildinfo
 663cf2d610cc213cfa8562cac56c1718 599836 utils optional openssl_1.1.1f-1ubuntu2.18_arm64.deb
 7b2776b56325c169a2c1fca1424e7150 27580 raw-translations - openssl_1.1.1f-1ubuntu2.18_arm64_translations.tar.gz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>