UbuntuUpdates.org

Package "openssl"

Name: openssl

Description:

Secure Sockets Layer toolkit - cryptographic utility
Latest version: 1.1.1f-1ubuntu2.24
Release: focal (20.04)
Level: security
Repository: main
Homepage: https://www.openssl.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "openssl"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "openssl" in Focal

Repository Area Version
base main 1.1.1f-1ubuntu2
updates main 1.1.1f-1ubuntu2.24

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.1.1f-1ubuntu2.24 2025-02-20 23:07:02 UTC

  openssl (1.1.1f-1ubuntu2.24) focal-security; urgency=medium

  * SECURITY UPDATE: Low-level invalid GF(2^m) parameters lead to OOB
    memory access
    - debian/patches/CVE-2024-9143.patch: harden BN_GF2m_poly2arr against
      misuse in crypto/bn/bn_gf2m.c, test/ec_internal_test.c.
    - CVE-2024-9143
  * SECURITY UPDATE: A timing side-channel which could potentially allow
    recovering the private key exists in the ECDSA signature computation
    - debian/patches/CVE-2024-13176.patch: Fix timing side-channel in
      ECDSA signature computation in crypto/bn/bn_exp.c,
      crypto/ec/ec_lib.c, include/crypto/bn.h.
    - CVE-2024-13176

 -- Marc Deslauriers <email address hidden> Wed, 05 Feb 2025 08:26:48 -0500
Source diff to previous version
CVE-2024-9143 Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds mem
CVE-2024-13176 Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summ

Version: 1.1.1f-1ubuntu2.23 2024-07-31 18:07:11 UTC

  openssl (1.1.1f-1ubuntu2.23) focal-security; urgency=medium

  * SECURITY UPDATE: unbounded mem growth when processing TLSv1.3 sessions
    - debian/patches/CVE-2024-2511.patch: fix unconstrained session cache
      growth in TLSv1.3 in ssl/ssl_lib.c, ssl/ssl_sess.c,
      ssl/statem/statem_srvr.c.
    - CVE-2024-2511
  * SECURITY UPDATE: use after free with SSL_free_buffers
    - debian/patches/CVE-2024-4741.patch: only free the read buffers if
      we're not using them in ssl/record/rec_layer_s3.c,
      ssl/record/record.h, ssl/ssl_lib.c.
    - CVE-2024-4741
  * SECURITY UPDATE: crash or memory disclosure via SSL_select_next_proto
    - debian/patches/CVE-2024-5535.patch: validate provided client list in
      ssl/ssl_lib.c.
    - CVE-2024-5535

 -- Marc Deslauriers <email address hidden> Tue, 30 Jul 2024 12:36:54 -0400
Source diff to previous version
CVE-2024-2511 Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An atta
CVE-2024-4741 Use After Free with SSL_free_buffers
CVE-2024-5535 Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory con

Version: 1.1.1f-1ubuntu2.22 2024-02-27 11:06:53 UTC

  openssl (1.1.1f-1ubuntu2.22) focal-security; urgency=medium

  * SECURITY UPDATE: Implicit rejection for RSA PKCS#1 (LP: #2054090)
    - debian/patches/openssl-1.1.1-pkcs1-implicit-rejection.patch:
      Return deterministic random output instead of an error in case
      there is a padding error in crypto/cms/cms_env.c,
      crypto/pkcs7/pk7_doit.c, crypto/rsa/rsa_local.h,
      crypto/rsa/rsa_ossl.c, crypto/rsa/rsa_pk1.c, crypto/rsa/rsa_pmeth.c,
      doc/man1/pkeyutl.pod, doc/man1/rsautl.pod,
      doc/man3/EVP_PKEY_CTX_ctrl.pod, doc/man3/EVP_PKEY_decrypt.pod,
      doc/man3/RSA_padding_add_PKCS1_type_1.pod,
      doc/man3/RSA_public_encrypt.pod, include/openssl/rsa.h and
      test/recipes/30-test_evp_data/evppkey.txt.

 -- David Fernandez Gonzalez <email address hidden> Fri, 16 Feb 2024 16:41:31 +0100
Source diff to previous version
2054090 Implicit rejection of PKCS#1 v1.5 RSA

Version: 1.1.1f-1ubuntu2.21 2024-02-05 12:07:59 UTC

  openssl (1.1.1f-1ubuntu2.21) focal-security; urgency=medium

  * SECURITY UPDATE: Excessive time spent in DH check / generation with
    large Q parameter value
    - debian/patches/CVE-2023-5678.patch: make DH_check_pub_key() and
      DH_generate_key() safer yet in crypto/dh/dh_check.c,
      crypto/dh/dh_err.c, crypto/dh/dh_key.c, crypto/err/openssl.txt,
      include/openssl/dh.h, include/openssl/dherr.h.
    - CVE-2023-5678
  * SECURITY UPDATE: PKCS12 Decoding crashes
    - debian/patches/CVE-2024-0727.patch: add NULL checks where ContentInfo
      data can be NULL in crypto/pkcs12/p12_add.c,
      crypto/pkcs12/p12_mutl.c, crypto/pkcs12/p12_npas.c,
      crypto/pkcs7/pk7_mime.c.
    - CVE-2024-0727

 -- Marc Deslauriers <email address hidden> Wed, 31 Jan 2024 15:45:27 -0500
Source diff to previous version
CVE-2023-5678 Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary:
CVE-2024-0727 Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summa

Version: 1.1.1f-1ubuntu2.20 2023-10-25 11:13:40 UTC

  openssl (1.1.1f-1ubuntu2.20) focal-security; urgency=medium

  * SECURITY UPDATE: denial of service
    - debian/patches/CVE-2023-3446.patch: adds check to prevent the testing of
      an excessively large modulus in DH_check().
    - CVE-2023-3446
  * SECURITY UPDATE: denial of service
    - debian/patches/CVE-2023-3817.patch: adds check to prevent the testing of
      invalid q values in DH_check().
    - CVE-2023-3817

 -- Ian Constantin <email address hidden> Tue, 10 Oct 2023 12:03:48 +0300


About   -   Send Feedback to @ubuntu_updates