openssl 3.4.0-1ubuntu1 source package in Ubuntu
Changelog
openssl (3.4.0-1ubuntu1) plucky; urgency=medium * Merge with Debian unstable (LP: #2044795). Remaining changes: - Use perl:native in the autopkgtest for installability on i386. - Symlink copyright/changelog.Debian.gz in libssl3* to libssl-dev/openssl - Disable LTO with which the codebase is generally incompatible (LP: #2058017) - Default config reads crypto-config and /etc/ssl/openssl.cnf.d dropins - patch: crypto: Add kernel FIPS mode detection - patch: crypto: Automatically use the FIPS provider... - patch: apps/speed: Omit unavailable algorithms in FIPS mode - patch: apps: pass -propquery arg to the libctx DRBG fetches - patch: test: Ensure encoding runs with the correct context... - patch: Add Ubuntu-specific defines to help FIPS certification (LP: #2073991) + UBUNTU_OSSL_SELF_TEST_DESC_PCT_DH + UBUNTU_OSSL_PROV_FIPS_PARAM_UNAPPROVED_USAGE Dropped, merged upstream: - debian/patches/CVE-2024-6119.patch: avoid type errors in EAI-related name check logic in crypto/x509/v3_utl.c, test/*. * Don't enable or package anything FIPS (LP: #2087955) openssl (3.4.0-1) experimental; urgency=medium * Import 3.4.0 openssl (3.4.0~~beta1-2) experimental; urgency=medium * Add a patch to avoid using other memory allocations if custom malloc is provided. * Add a patch to check length in the SPARC assembly implementation of AES-CBC. openssl (3.4.0~~beta1-1) experimental; urgency=medium * Import 3.4.0-beta1 openssl (3.3.2-1) unstable; urgency=medium * Import 3.3.2. - CVE-2024-6119 (Possible denial of service in X.509 name checks). - CVE-2024-5535 (SSL_select_next_proto buffer overread) (Closes: #1074487). openssl (3.3.1-7) unstable; urgency=medium * Make libssl3t64 depend on openssl-provider-legacy (See further development in #965041). openssl (3.3.1-6) unstable; urgency=medium [ Sebastian Andrzej Siewior ] * Enable ec_nistp_64_gcc_128 on arm64, ppc64el, riscv64. Initially suggested by Joel Stanley. * Add a "prefix" for pkg-config and cmake exporter (Closes: #1078509, #1078020). * Add Breaks/ Replaces to the legacy provider also against libssl3 (Closes: #1078551). * Upload to unstable. [ Debian Janitor ] * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository, Repository-Browse. * Fix day-of-week for changelog entries 0.9.8a-7, 0.9.8a-6, 0.9.8a-4. openssl (3.3.1-5) experimental; urgency=medium * Split the legacy provider into its own package (Closes: #965041). * Add the FIPS provider (Closes: #1050210). * Reintroduce the provider section back in the default openssl.cnf. This is was to keep compatibility with the openssl 1.1 series. Adding makes it easier to add/ enable provides such as fips. -- Adrien Nader <email address hidden> Fri, 29 Nov 2024 11:19:56 +0100
Upload details
- Uploaded by:
- Adrien Nader
- Sponsored by:
- Simon Chopin
- Uploaded to:
- Plucky
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- utils
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Plucky | proposed | main | utils |
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
openssl_3.4.0.orig.tar.gz | 17.5 MiB | e15dda82fe2fe8139dc2ac21a36d4ca01d5313c75f99f46c4e8a27709b7294bf |
openssl_3.4.0.orig.tar.gz.asc | 833 bytes | c1769b042904b54becc86b28cd5ff5475ed229a76c5eda5a6f5906e3fe1a3706 |
openssl_3.4.0-1ubuntu1.debian.tar.xz | 64.3 KiB | 702b94ae3fda03da8a0d9182c233ffde749b162baeeb98a1254b0470fdd82c8f |
openssl_3.4.0-1ubuntu1.dsc | 2.6 KiB | 3c8c282e41c4e842e702bbe38c75bbc70796fe7ed500690c201d3b5cb84721d5 |
Available diffs
Binary packages built by this source
- libssl-dev: Secure Sockets Layer toolkit - development files
This package is part of the OpenSSL project's implementation of the SSL
and TLS cryptographic protocols for secure communication over the
Internet.
.
It contains development libraries, header files, and manpages for libssl
and libcrypto.
- libssl-doc: Secure Sockets Layer toolkit - development documentation
This package is part of the OpenSSL project's implementation of the SSL
and TLS cryptographic protocols for secure communication over the
Internet.
.
It contains manpages and demo files for libssl and libcrypto.
- libssl3t64: Secure Sockets Layer toolkit - shared libraries
This package is part of the OpenSSL project's implementation of the SSL
and TLS cryptographic protocols for secure communication over the
Internet.
.
It provides the libssl and libcrypto shared libraries.
- libssl3t64-dbgsym: debug symbols for libssl3t64
- openssl: Secure Sockets Layer toolkit - cryptographic utility
This package is part of the OpenSSL project's implementation of the SSL
and TLS cryptographic protocols for secure communication over the
Internet.
.
It contains the general-purpose command line binary /usr/bin/openssl,
useful for cryptographic operations such as:
* creating RSA, DH, and DSA key parameters;
* creating X.509 certificates, CSRs, and CRLs;
* calculating message digests;
* encrypting and decrypting with ciphers;
* testing SSL/TLS clients and servers;
* handling S/MIME signed or encrypted mail.
- openssl-dbgsym: debug symbols for openssl
- openssl-provider-legacy: Secure Sockets Layer toolkit - cryptographic utility
This package is part of the OpenSSL project's implementation of the SSL
and TLS cryptographic protocols for secure communication over the
Internet.
.
This package contains the legacy provider. The OpenSSL legacy provider
supplies OpenSSL implementations of algorithms that have been deemed legacy.
Such algorithms have commonly fallen out of use, have been deemed insecure by
the cryptography community, or something similar.
For details see OSSL_PROVIDER-legacy man page.
- openssl-provider-legacy-dbgsym: debug symbols for openssl-provider-legacy