openssl 3.4.0-1ubuntu1 source package in Ubuntu

Changelog

openssl (3.4.0-1ubuntu1) plucky; urgency=medium

  * Merge with Debian unstable (LP: #2044795). Remaining changes:
    - Use perl:native in the autopkgtest for installability on i386.
    - Symlink copyright/changelog.Debian.gz in libssl3* to libssl-dev/openssl
    - Disable LTO with which the codebase is generally incompatible (LP: #2058017)
    - Default config reads crypto-config and /etc/ssl/openssl.cnf.d dropins
    - patch: crypto: Add kernel FIPS mode detection
    - patch: crypto: Automatically use the FIPS provider...
    - patch: apps/speed: Omit unavailable algorithms in FIPS mode
    - patch: apps: pass -propquery arg to the libctx DRBG fetches
    - patch: test: Ensure encoding runs with the correct context...
    - patch: Add Ubuntu-specific defines to help FIPS certification (LP: #2073991)
      + UBUNTU_OSSL_SELF_TEST_DESC_PCT_DH
      + UBUNTU_OSSL_PROV_FIPS_PARAM_UNAPPROVED_USAGE
    Dropped, merged upstream:
    - debian/patches/CVE-2024-6119.patch: avoid type errors in EAI-related
      name check logic in crypto/x509/v3_utl.c, test/*.
  * Don't enable or package anything FIPS (LP: #2087955)

openssl (3.4.0-1) experimental; urgency=medium

  * Import 3.4.0

openssl (3.4.0~~beta1-2) experimental; urgency=medium

  * Add a patch to avoid using other memory allocations if custom malloc is
    provided.
  * Add a patch to check length in the SPARC assembly implementation of
    AES-CBC.

openssl (3.4.0~~beta1-1) experimental; urgency=medium

  * Import 3.4.0-beta1

openssl (3.3.2-1) unstable; urgency=medium

  * Import 3.3.2.
    - CVE-2024-6119 (Possible denial of service in X.509 name checks).
    - CVE-2024-5535 (SSL_select_next_proto buffer overread)
      (Closes: #1074487).

openssl (3.3.1-7) unstable; urgency=medium

  * Make libssl3t64 depend on openssl-provider-legacy (See further development
    in #965041).

openssl (3.3.1-6) unstable; urgency=medium

  [ Sebastian Andrzej Siewior ]
  * Enable ec_nistp_64_gcc_128 on arm64, ppc64el, riscv64. Initially suggested
    by Joel Stanley.
  * Add a "prefix" for pkg-config and cmake exporter
    (Closes: #1078509, #1078020).
  * Add Breaks/ Replaces to the legacy provider also against libssl3
    (Closes: #1078551).
  * Upload to unstable.

  [ Debian Janitor ]
  * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository,
    Repository-Browse.
  * Fix day-of-week for changelog entries 0.9.8a-7, 0.9.8a-6, 0.9.8a-4.

openssl (3.3.1-5) experimental; urgency=medium

  * Split the legacy provider into its own package (Closes: #965041).
  * Add the FIPS provider (Closes: #1050210).
  * Reintroduce the provider section back in the default openssl.cnf. This is
    was to keep compatibility with the openssl 1.1 series. Adding makes it
    easier to add/ enable provides such as fips.

 -- Adrien Nader <email address hidden>  Fri, 29 Nov 2024 11:19:56 +0100

Upload details

Uploaded by:
Adrien Nader
Sponsored by:
Simon Chopin
Uploaded to:
Plucky
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
utils
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Plucky proposed main utils

Downloads

File Size SHA-256 Checksum
openssl_3.4.0.orig.tar.gz 17.5 MiB e15dda82fe2fe8139dc2ac21a36d4ca01d5313c75f99f46c4e8a27709b7294bf
openssl_3.4.0.orig.tar.gz.asc 833 bytes c1769b042904b54becc86b28cd5ff5475ed229a76c5eda5a6f5906e3fe1a3706
openssl_3.4.0-1ubuntu1.debian.tar.xz 64.3 KiB 702b94ae3fda03da8a0d9182c233ffde749b162baeeb98a1254b0470fdd82c8f
openssl_3.4.0-1ubuntu1.dsc 2.6 KiB 3c8c282e41c4e842e702bbe38c75bbc70796fe7ed500690c201d3b5cb84721d5

View changes file

Binary packages built by this source

libssl-dev: Secure Sockets Layer toolkit - development files

 This package is part of the OpenSSL project's implementation of the SSL
 and TLS cryptographic protocols for secure communication over the
 Internet.
 .
 It contains development libraries, header files, and manpages for libssl
 and libcrypto.

libssl-doc: Secure Sockets Layer toolkit - development documentation

 This package is part of the OpenSSL project's implementation of the SSL
 and TLS cryptographic protocols for secure communication over the
 Internet.
 .
 It contains manpages and demo files for libssl and libcrypto.

libssl3t64: Secure Sockets Layer toolkit - shared libraries

 This package is part of the OpenSSL project's implementation of the SSL
 and TLS cryptographic protocols for secure communication over the
 Internet.
 .
 It provides the libssl and libcrypto shared libraries.

libssl3t64-dbgsym: debug symbols for libssl3t64
openssl: Secure Sockets Layer toolkit - cryptographic utility

 This package is part of the OpenSSL project's implementation of the SSL
 and TLS cryptographic protocols for secure communication over the
 Internet.
 .
 It contains the general-purpose command line binary /usr/bin/openssl,
 useful for cryptographic operations such as:
  * creating RSA, DH, and DSA key parameters;
  * creating X.509 certificates, CSRs, and CRLs;
  * calculating message digests;
  * encrypting and decrypting with ciphers;
  * testing SSL/TLS clients and servers;
  * handling S/MIME signed or encrypted mail.

openssl-dbgsym: debug symbols for openssl
openssl-provider-legacy: Secure Sockets Layer toolkit - cryptographic utility

 This package is part of the OpenSSL project's implementation of the SSL
 and TLS cryptographic protocols for secure communication over the
 Internet.
 .
 This package contains the legacy provider. The OpenSSL legacy provider
 supplies OpenSSL implementations of algorithms that have been deemed legacy.
 Such algorithms have commonly fallen out of use, have been deemed insecure by
 the cryptography community, or something similar.
 For details see OSSL_PROVIDER-legacy man page.

openssl-provider-legacy-dbgsym: debug symbols for openssl-provider-legacy