New Debian openssl 1.1.1n-0+deb10u7 fixes:
This update addresses the following issues:
1.1.1n-0+deb10u7 (Thu, 31 Oct 2024 13:21:45 +0800)
* Non-maintainer upload by the ELTS Team.
* Backport upstream fixes for
  - CVE-2023-5678 (denial of service w/ excessively long X9.42 DH keys)
  - CVE-2024-0727 (denial of service on null field in PKCS12 file)
  - CVE-2024-2511 (denial of service when SSL_OP_NO_TICKET with TLSv1.3)
  - CVE-2024-4741 (use after free with SSL_free_buffers)
  - CVE-2024-5535 (crash or buffer overread in SSL_select_next_proto)
  - CVE-2024-9143 (out-of-bounds access w/ certain elliptic curve APIs)
--- mirror/ftp/pool/main/o/openssl/openssl_1.1.1n-0+deb10u6.dsc +++ apt/ucs_5.0-0-errata5.0-9/source/openssl_1.1.1n-0+deb10u7.dsc @@ -1,3 +1,20 @@ +1.1.1n-0+deb10u7 [Thu, 31 Oct 2024 13:21:45 +0800] Sean Whitton <spwhitton@spwhitton.name>: + + * Non-maintainer upload by the ELTS Team. + * Backport upstream fixes for + - CVE-2023-5678 (denial of service w/ excessively long X9.42 DH keys) + (Closes: #1055473) + - CVE-2024-0727 (denial of service on null field in PKCS12 file) + (Closes: #1061582) + - CVE-2024-2511 (denial of service when SSL_OP_NO_TICKET with TLSv1.3) + (Closes: #1068658) + - CVE-2024-4741 (use after free with SSL_free_buffers) + (Closes: #1072113) + - CVE-2024-5535 (crash or buffer overread in SSL_select_next_proto) + (Closes: #1074487) + - CVE-2024-9143 (out-of-bounds access w/ certain elliptic curve APIs) + (Closes: #1085378). + 1.1.1n-0+deb10u6 [Tue, 15 Aug 2023 21:14:44 +0200] Anton Gladky <gladk@debian.org>: * Non-maintainer upload by the LTS Security Team. <http://piuparts.knut.univention.de/5.0-9/#2096082564328242114>
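Review bot: the added 1.1.1n-0+deb10u7 entry lists each CVE with its Debian bug number but does not say which upstream commits or patch files carry each backport, so the six fixes cannot be checked against upstream from the changelog alone. Consider naming the patch file or upstream commit next to each "Closes:" line.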
OK: bug
OK: yaml
OK: announce_errata
OK: patch
~OK: piuparts *-dbgsym

[5.0-9] 003c7285d5e Bug #57782: openssl 1.1.1n-0+deb10u7
 doc/errata/staging/openssl.yaml | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x1186>