Package "openssl"

Name:	openssl
Description:	Secure Sockets Layer toolkit - cryptographic utility
Latest version:	3.0.2-0ubuntu1.23
Release:	jammy (22.04)
Level:	security
Repository:	main
Homepage:	https://www.openssl.org/

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "openssl"

32-bit deb package

64-bit deb package

APT INSTALL

Other versions of "openssl" in Jammy

Repository	Area	Version
base	main	3.0.2-0ubuntu1
updates	main	3.0.2-0ubuntu1.23

Packages in group

Deleted packages are displayed in grey.

Changelog

Version: 3.0.2-0ubuntu1.17 2024-07-31 18:07:13 UTC

openssl (3.0.2-0ubuntu1.17) jammy-security; urgency=medium * SECURITY UPDATE: unbounded mem growth when processing TLSv1.3 sessions - debian/patches/CVE-2024-2511.patch: fix unconstrained session cache growth in TLSv1.3 in ssl/ssl_lib.c, ssl/ssl_sess.c, ssl/statem/statem_srvr.c. - CVE-2024-2511 * SECURITY UPDATE: checking excessively long DSA keys or params very slow - debian/patches/CVE-2024-4603.patch: check DSA parameters for excessive sizes before validating in crypto/dsa/dsa_check.c, test/recipes/15-test_dsaparam_data/invalid/p10240_q256_too_big.pem. - CVE-2024-4603 * SECURITY UPDATE: use after free with SSL_free_buffers - debian/patches/CVE-2024-4741.patch: only free the read buffers if we're not using them in ssl/record/rec_layer_s3.c, ssl/record/record.h, ssl/ssl_lib.c. - CVE-2024-4741 * SECURITY UPDATE: crash or memory disclosure via SSL_select_next_proto - debian/patches/CVE-2024-5535.patch: validate provided client list in ssl/ssl_lib.c. - CVE-2024-5535 -- Marc Deslauriers <email address hidden> Tue, 30 Jul 2024 11:18:05 -0400

Source diff to previous version

CVE-2024-2511	Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An atta
CVE-2024-4603	Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVP_PKEY_param
CVE-2024-4741	Use After Free with SSL_free_buffers
CVE-2024-5535	Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory con

Version: 3.0.2-0ubuntu1.16 2024-06-27 03:07:10 UTC

openssl (3.0.2-0ubuntu1.16) jammy-security; urgency=medium * SECURITY UPDATE: Excessive time spent in DH modular-exponentiation calcuations when using long exponents. - debian/patches/CVE-2022-40735-1.patch: Use the minimum key length for known safe primes as per RFC 7919 in crypto/dh/dh_group_params.c, crypto/ffc/ffc_backend.c, crypto/ffc/ffc_dh.c, crypto/ffc/ffc_key_generate.c, include/internal/ffc.h and test/ffc_internal_test.c - debian/patches/CVE-2022-40735-2.patch: print DH key length in providers/implementations/encode_decode/encode_key2text.c, test/recipes/30-test_evp_pkey_provided/DH.priv.txt and test/recipes/30-test_evp_pkey_provided/DH.pub.txt - debian/patches/CVE-2022-40735-3.patch: test that short private keys are generated when using a known safe DH prime in test/evp_extra_test2.c - debian/patches/CVE-2022-40735-4.patch: copy keylength when copying FFC parameters in crypto/ffc/ffc_params.c and test/ffc_internal_test.c - CVE-2022-40735 -- Alex Murray <email address hidden> Wed, 05 Jun 2024 12:58:14 +0930

Source diff to previous version

CVE-2022-40735

The Diffie-Hellman Key Agreement Protocol allows use of long exponents that arguably make certain calculations unnecessarily expensive, because the 1

Version: 3.0.2-0ubuntu1.15 2024-02-27 11:06:55 UTC

openssl (3.0.2-0ubuntu1.15) jammy-security; urgency=medium * SECURITY UPDATE: Implicit rejection for RSA PKCS#1 (LP: #2054090) - debian/patches/openssl-pkcs1-implicit-rejection.patch: Return deterministic random output instead of an error in case there is a padding error in crypto/cms/cms_env.c, crypto/evp/ctrl_params_translate.c, crypto/pkcs7/pk7_doit.c, crypto/rsa/rsa_ossl.c, crypto/rsa/rsa_pk1.c, crypto/rsa/rsa_pmeth.c, doc/man1/openssl-pkeyutl.pod.in, doc/man1/openssl-rsautl.pod.in, doc/man3/EVP_PKEY_CTX_ctrl.pod, doc/man3/EVP_PKEY_decrypt.pod, doc/man3/RSA_padding_add_PKCS1_type_1.pod, doc/man3/RSA_public_encrypt.pod, doc/man7/provider-asym_cipher.pod, include/crypto/rsa.h, include/openssl/core_names.h, include/openssl/rsa.h, providers/implementations/asymciphers/rsa_enc.c and test/recipes/30-test_evp_data/evppkey_rsa_common.txt. -- David Fernandez Gonzalez <email address hidden> Fri, 16 Feb 2024 09:51:30 +0100

Source diff to previous version

2054090

Implicit rejection of PKCS#1 v1.5 RSA

Version: 3.0.2-0ubuntu1.14 2024-02-05 12:08:00 UTC

openssl (3.0.2-0ubuntu1.14) jammy-security; urgency=medium * SECURITY UPDATE: Excessive time spent in DH check / generation with large Q parameter value - debian/patches/CVE-2023-5678.patch: make DH_check_pub_key() and DH_generate_key() safer yet in crypto/dh/dh_check.c, crypto/dh/dh_err.c, crypto/dh/dh_key.c, crypto/err/openssl.txt, include/crypto/dherr.h, include/openssl/dh.h, include/openssl/dherr.h. - CVE-2023-5678 * SECURITY UPDATE: POLY1305 MAC implementation corrupts vector registers on PowerPC - debian/patches/CVE-2023-6129.patch: fix vector register clobbering in crypto/poly1305/asm/poly1305-ppc.pl. - CVE-2023-6129 * SECURITY UPDATE: Excessive time spent checking invalid RSA public keys - debian/patches/CVE-2023-6237.patch: limit the execution time of RSA public key check in crypto/rsa/rsa_sp800_56b_check.c, test/recipes/91-test_pkey_check.t, test/recipes/91-test_pkey_check_data/rsapub_17k.pem. - CVE-2023-6237 * SECURITY UPDATE: PKCS12 Decoding crashes - debian/patches/CVE-2024-0727.patch: add NULL checks where ContentInfo data can be NULL in crypto/pkcs12/p12_add.c, crypto/pkcs12/p12_mutl.c, crypto/pkcs12/p12_npas.c, crypto/pkcs7/pk7_mime.c. - CVE-2024-0727 -- Marc Deslauriers <email address hidden> Wed, 31 Jan 2024 13:43:23 -0500

Source diff to previous version

CVE-2023-5678	Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary:
CVE-2023-6129	Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications run
CVE-2023-6237	openssl: Checking excessively long invalid RSA public keys may take a long time
CVE-2024-0727	Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summa

Version: 3.0.2-0ubuntu1.12 2023-10-24 16:06:54 UTC

openssl (3.0.2-0ubuntu1.12) jammy-security; urgency=medium [ Marc Deslauriers ] * SECURITY UPDATE: AES-SIV implementation ignores empty associated data entries - debian/patches/CVE-2023-2975.patch: do not ignore empty associated data with AES-SIV mode in providers/implementations/ciphers/cipher_aes_siv.c. - CVE-2023-2975 * SECURITY UPDATE: Incorrect cipher key and IV length processing - debian/patches/CVE-2023-5363-1.patch: process key length and iv length early if present in crypto/evp/evp_enc.c. - debian/patches/CVE-2023-5363-2.patch: add unit test in test/evp_extra_test.c. - CVE-2023-5363 [ Ian Constantin ] * SECURITY UPDATE: denial of service - debian/patches/CVE-2023-3446.patch: adds check to prevent the testing of an excessively large modulus in DH_check(). - CVE-2023-3446 * SECURITY UPDATE: denial of service - debian/patches/CVE-2023-3817.patch: adds check to prevent the testing of invalid q values in DH_check(). - CVE-2023-3817 -- Marc Deslauriers <email address hidden> Fri, 13 Oct 2023 08:02:49 -0400

CVE-2023-5363

Incorrect cipher key & IV length processing

About - Send Feedback to @ubuntu_updates

Package "openssl"

Links

Download "openssl"

Other versions of "openssl" in Jammy

Packages in group

Changelog

Share this page

Bookmarks

Latest updates

base

proposed

updates

PPA updates