UbuntuUpdates.org

Package "openssl"

Name: openssl

Description:

Secure Sockets Layer toolkit - cryptographic utility
Latest version: 3.0.2-0ubuntu1.21
Release: jammy (22.04)
Level: security
Repository: main
Homepage: https://www.openssl.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "openssl"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "openssl" in Jammy

Repository Area Version
base main 3.0.2-0ubuntu1
updates main 3.0.2-0ubuntu1.20

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 3.0.2-0ubuntu1.21 2026-01-27 21:16:17 UTC

  openssl (3.0.2-0ubuntu1.21) jammy-security; urgency=medium

  * SECURITY UPDATE: Stack buffer overflow in CMS AuthEnvelopedData parsing
    - debian/patches/CVE-2025-15467-1.patch: correct handling of
      AEAD-encrypted CMS with inadmissibly long IV in crypto/evp/evp_lib.c.
    - debian/patches/CVE-2025-15467-2.patch: some comments to clarify
      functions usage in crypto/asn1/evp_asn1.c.
    - debian/patches/CVE-2025-15467-3.patch: test for handling of
      AEAD-encrypted CMS with inadmissibly long IV in test/cmsapitest.c,
      test/recipes/80-test_cmsapi.t,
      test/recipes/80-test_cmsapi_data/encDataWithTooLongIV.pem.
    - CVE-2025-15467
  * SECURITY UPDATE: Heap out-of-bounds write in BIO_f_linebuffer on short
    writes
    - debian/patches/CVE-2025-68160.patch: fix heap buffer overflow in
      BIO_f_linebuffer in crypto/bio/bf_lbuf.c.
    - CVE-2025-68160
  * SECURITY UPDATE: Unauthenticated/unencrypted trailing bytes with
    low-level OCB function calls
    - debian/patches/CVE-2025-69418.patch: fix OCB AES-NI/HW stream path
      unauthenticated/unencrypted trailing bytes in crypto/modes/ocb128.c.
    - CVE-2025-69418
  * SECURITY UPDATE: Out of bounds write in PKCS12_get_friendlyname() UTF-8
    conversion
    - debian/patches/CVE-2025-69419.patch: check return code of UTF8_putc
      in crypto/asn1/a_strex.c, crypto/pkcs12/p12_utl.c.
    - CVE-2025-69419
  * SECURITY UPDATE: Missing ASN1_TYPE validation in
    TS_RESP_verify_response() function
    - debian/patches/CVE-2025-69420.patch: verify ASN1 object's types
      before attempting to access them as a particular type in
      crypto/ts/ts_rsp_verify.c.
    - CVE-2025-69420
  * SECURITY UPDATE: NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex
    - debian/patches/CVE-2025-69421.patch: add NULL check in
      crypto/pkcs12/p12_decr.c.
    - CVE-2025-69421
  * SECURITY UPDATE: ASN1_TYPE missing validation and type confusion
    - debian/patches/CVE-2026-2279x.patch: ensure ASN1 types are checked
      before use in apps/s_client.c, crypto/pkcs12/p12_kiss.c,
      crypto/pkcs7/pk7_doit.c.
    - CVE-2026-22795
    - CVE-2026-22796

 -- Marc Deslauriers <email address hidden> Mon, 26 Jan 2026 07:32:08 -0500
Source diff to previous version
CVE-2025-15467 Issue summary: Parsing CMS AuthEnvelopedData message with maliciously ...
CVE-2025-68160 Issue summary: Writing large, newline-free data into a BIO chain using ...
CVE-2025-69418 Issue summary: When using the low-level OCB API directly with AES-NI o ...
CVE-2025-69419 Issue summary: Calling PKCS12_get_friendlyname() function on a malicio ...
CVE-2025-69420 Issue summary: A type confusion vulnerability exists in the TimeStamp ...
CVE-2025-69421 Issue summary: Processing a malformed PKCS#12 file can trigger a NULL ...
CVE-2026-22795 Issue summary: An invalid or NULL pointer dereference can happen in an ...
CVE-2026-22796 Issue summary: A type confusion vulnerability exists in the signature ...

Version: 3.0.2-0ubuntu1.20 2025-09-30 19:06:55 UTC

  openssl (3.0.2-0ubuntu1.20) jammy-security; urgency=medium

  * SECURITY UPDATE: Out-of-bounds read & write in RFC 3211 KEK Unwrap
    - debian/patches/CVE-2025-9230.patch: fix incorrect check of unwrapped
      key size in crypto/cms/cms_pwri.c.
    - CVE-2025-9230

 -- Marc Deslauriers <email address hidden> Thu, 18 Sep 2025 08:06:16 -0400
Source diff to previous version
CVE-2025-9230 Out-of-bounds read & write in RFC 3211 KEK Unwrap

Version: 3.0.2-0ubuntu1.19 2025-02-20 23:07:15 UTC

  openssl (3.0.2-0ubuntu1.19) jammy-security; urgency=medium

  * SECURITY UPDATE: Low-level invalid GF(2^m) parameters lead to OOB
    memory access
    - debian/patches/CVE-2024-9143.patch: harden BN_GF2m_poly2arr against
      misuse in crypto/bn/bn_gf2m.c, test/ec_internal_test.c.
    - CVE-2024-9143
  * SECURITY UPDATE: A timing side-channel which could potentially allow
    recovering the private key exists in the ECDSA signature computation
    - debian/patches/CVE-2024-13176.patch: Fix timing side-channel in
      ECDSA signature computation in crypto/bn/bn_exp.c,
      crypto/ec/ec_lib.c, include/crypto/bn.h.
    - CVE-2024-13176

 -- Marc Deslauriers <email address hidden> Wed, 05 Feb 2025 08:19:41 -0500
Source diff to previous version
CVE-2024-9143 Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds mem
CVE-2024-13176 Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summ

Version: 3.0.2-0ubuntu1.18 2024-09-03 17:06:58 UTC
No changelog available yet.
Source diff to previous version

Version: 3.0.2-0ubuntu1.17 2024-07-31 18:07:13 UTC

  openssl (3.0.2-0ubuntu1.17) jammy-security; urgency=medium

  * SECURITY UPDATE: unbounded mem growth when processing TLSv1.3 sessions
    - debian/patches/CVE-2024-2511.patch: fix unconstrained session cache
      growth in TLSv1.3 in ssl/ssl_lib.c, ssl/ssl_sess.c,
      ssl/statem/statem_srvr.c.
    - CVE-2024-2511
  * SECURITY UPDATE: checking excessively long DSA keys or params very slow
    - debian/patches/CVE-2024-4603.patch: check DSA parameters for
      excessive sizes before validating in crypto/dsa/dsa_check.c,
      test/recipes/15-test_dsaparam_data/invalid/p10240_q256_too_big.pem.
    - CVE-2024-4603
  * SECURITY UPDATE: use after free with SSL_free_buffers
    - debian/patches/CVE-2024-4741.patch: only free the read buffers if
      we're not using them in ssl/record/rec_layer_s3.c,
      ssl/record/record.h, ssl/ssl_lib.c.
    - CVE-2024-4741
  * SECURITY UPDATE: crash or memory disclosure via SSL_select_next_proto
    - debian/patches/CVE-2024-5535.patch: validate provided client list in
      ssl/ssl_lib.c.
    - CVE-2024-5535

 -- Marc Deslauriers <email address hidden> Tue, 30 Jul 2024 11:18:05 -0400
CVE-2024-2511 Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An atta
CVE-2024-4603 Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVP_PKEY_param
CVE-2024-4741 Use After Free with SSL_free_buffers
CVE-2024-5535 Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory con


About   -   Send Feedback to @ubuntu_updates