openssl 3.3.1-2ubuntu2.1 source package in Ubuntu
Changelog
openssl (3.3.1-2ubuntu2.1) oracular-security; urgency=medium
* SECURITY UPDATE: Low-level invalid GF(2^m) parameters lead to OOB
memory access
- debian/patches/CVE-2024-9143.patch: harden BN_GF2m_poly2arr against
misuse in crypto/bn/bn_gf2m.c, test/ec_internal_test.c.
- CVE-2024-9143
* SECURITY UPDATE: A timing side-channel which could potentially allow
recovering the private key exists in the ECDSA signature computation
- debian/patches/CVE-2024-13176.patch: Fix timing side-channel in
ECDSA signature computation in crypto/bn/bn_exp.c,
crypto/ec/ec_lib.c, include/crypto/bn.h.
- CVE-2024-13176
* SECURITY UPDATE: RFC7250 handshakes with unauthenticated servers don't
abort as expected
- debian/patches/CVE-2024-12797-1.patch: with SSL_VERIFY_PEER client
RPK should abort on X509 error in ssl/statem/statem_clnt.c,
test/rpktest.c.
- debian/patches/CVE-2024-12797-2.patch: use ERR marks also when
verifying server X.509 certs in ssl/statem/statem_clnt.c,
test/rpktest.c.
- CVE-2024-12797
* debian/patches/issue26466.patch: restore correct registers in aarch64
AES-CTR code in crypto/aes/asm/aesv8-armx.pl.
-- Marc Deslauriers <email address hidden> Wed, 05 Feb 2025 07:56:37 -0500
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Oracular
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- utils
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Oracular | updates | main | utils | |
| Oracular | security | main | utils |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| openssl_3.3.1.orig.tar.gz | 17.2 MiB | 777cd596284c883375a2a7a11bf5d2786fc5413255efab20c50d6ffe6d020b7e |
| openssl_3.3.1.orig.tar.gz.asc | 833 bytes | a1ca1547057b75e1750717d69a35a5373544cb42f671a1a7f672c4237aab1248 |
| openssl_3.3.1-2ubuntu2.1.debian.tar.xz | 91.6 KiB | ecf2ee4a3577e33e00d534b1abcd5e4bba4da75bbd495b7868d986b0945318f2 |
| openssl_3.3.1-2ubuntu2.1.dsc | 2.7 KiB | aaa702fe41fd98a5227524dafa3f1f21c171711c10623f9a3a4bd2ad18094e17 |
Available diffs
Binary packages built by this source
- libssl-dev: Secure Sockets Layer toolkit - development files
This package is part of the OpenSSL project's implementation of the SSL
and TLS cryptographic protocols for secure communication over the
Internet.
.
It contains development libraries, header files, and manpages for libssl
and libcrypto.
- libssl-doc: Secure Sockets Layer toolkit - development documentation
This package is part of the OpenSSL project's implementation of the SSL
and TLS cryptographic protocols for secure communication over the
Internet.
.
It contains manpages and demo files for libssl and libcrypto.
- libssl3t64: Secure Sockets Layer toolkit - shared libraries
This package is part of the OpenSSL project's implementation of the SSL
and TLS cryptographic protocols for secure communication over the
Internet.
.
It provides the libssl and libcrypto shared libraries.
- libssl3t64-dbgsym: debug symbols for libssl3t64
- openssl: Secure Sockets Layer toolkit - cryptographic utility
This package is part of the OpenSSL project's implementation of the SSL
and TLS cryptographic protocols for secure communication over the
Internet.
.
It contains the general-purpose command line binary /usr/bin/openssl,
useful for cryptographic operations such as:
* creating RSA, DH, and DSA key parameters;
* creating X.509 certificates, CSRs, and CRLs;
* calculating message digests;
* encrypting and decrypting with ciphers;
* testing SSL/TLS clients and servers;
* handling S/MIME signed or encrypted mail.
- openssl-dbgsym: debug symbols for openssl
