Package "libssl-dev"

Name:	libssl-dev
Description:	Secure Sockets Layer toolkit - development files
Latest version:	3.0.2-0ubuntu1.25
Release:	jammy (22.04)
Level:	updates
Repository:	main
Head package:	openssl
Homepage:	https://www.openssl.org/

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "libssl-dev"

32-bit deb package

64-bit deb package

APT INSTALL

Other versions of "libssl-dev" in Jammy

Repository	Area	Version
base	main	3.0.2-0ubuntu1
security	main	3.0.2-0ubuntu1.25

Changelog

Version: 3.0.2-0ubuntu1.25 2026-06-09 22:07:27 UTC

openssl (3.0.2-0ubuntu1.25) jammy-security; urgency=medium * SECURITY UPDATE: Heap Buffer Over-read in ASN.1 Content Parsing - debian/patches/CVE-2026-34180.patch: Avoid length truncation in ASN1_STRING_set in crypto/asn1/tasn_dec.c. - CVE-2026-34180 * SECURITY UPDATE: CMS AuthEnvelopedData Processing May Accept Forged Messages - debian/patches/CVE-2026-34182-pre1.patch: Ensure ossl_cms_EncryptedContent_init_bio() reports an error on no OID in crypto/cms/cms_enc.c, crypto/cms/cms_err.c, crypto/err/openssl.txt, include/openssl/cmserr.h. - debian/patches/CVE-2026-34182-1.patch: CMS: Produce error when AEAD algorithms are used in enveloped data in crypto/cms/cms_enc.c, crypto/cms/cms_env.c, crypto/cms/cms_err.c, crypto/cms/cms_local.h, crypto/err/openssl.txt, include/openssl/cmserr.h, test/cms-msg/enveloped- content-type-for-aes-gcm.pem, test/cmsapitest.c, test/recipes/80-test_cms.t. - debian/patches/CVE-2026-34182-2.patch: Reject potentially forged encrypted CMS AuthEnvelopedData messages in crypto/cms/cms_enc.c. - debian/patches/CVE-2026-34182-3.patch: Add tests for CVE-2026-34182 in test/cmsapitest.c. - CVE-2026-34182 * SECURITY UPDATE: Possible NULL Dereference in Password-Based CMS Decryption - debian/patches/CVE-2026-42766.patch: Fix potential NULL dereference processing CMS PasswordRecipientInfo in crypto/cms/cms_pwri.c. - CVE-2026-42766 * SECURITY UPDATE: NULL Pointer Dereference in CRMF EncryptedValue Decryption - debian/patches/CVE-2026-42767.patch: Fix potential NULL dereference in OSSL_CRMF_ENCRYPTEDVALUE_decrypt() in crypto/crmf/crmf_lib.c. - CVE-2026-42767 * SECURITY UPDATE: FFC-DH Peer Validation Uses Attacker-Supplied q - debian/patches/CVE-2026-42770.patch: Match the local q DHX parameter against the peer's q in providers/implementations/exchange/dh_exch.c. - CVE-2026-42770 * SECURITY UPDATE: AES-OCB IV Ignored on EVP_Cipher() Path - debian/patches/CVE-2026-45445.patch: Apply the buffered IV on the AES-OCB EVP_Cipher() path in providers/implementations/ciphers/cipher_aes_ocb.c, test/evp_extra_test.c. - CVE-2026-45445 * SECURITY UPDATE: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes - debian/patches/CVE-2026-45446.patch: Fix handling of empty-ciphertext messages in AES-SIV in providers/implementations/ciphers/cipher_aes_siv.c, test/evp_extra_test.c. - CVE-2026-45446 * SECURITY UPDATE: Heap Use-After-Free in OpenSSL PKCS7_verify() - debian/patches/CVE-2026-45447-pre1.patch: Revert unnecessary PKCS7_verify() performance optimization in crypto/pkcs7/pk7_smime.c. - debian/patches/CVE-2026-45447-1.patch: Fix possible use-after-free in OpenSSL PKCS7_verify() in crypto/pkcs7/pk7_smime.c. - debian/patches/CVE-2026-45447-2.patch: Test for CVE-2026-45447 (UAF in PKCS7_verify) in test/recipes/80-test_cms.t, test/smime-eml/pkcs7-empty- digest-set.eml. - CVE-2026-45447 * SECURITY UPDATE: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion - debian/patches/CVE-2026-7383.patch: Reject oversized inputs in ASN1_mbstring_ncopy() in crypto/asn1/a_mbstr.c. - CVE-2026-7383 * SECURITY UPDATE: Out-of-Bounds Read in CMS Password-Based Decryption - debian/patches/CVE-2026-9076.patch: cms: kek_unwrap_key: Fix out-of-bounds read in check-byte validation in crypto/cms/cms_pwri.c. - CVE-2026-9076 -- Marc Deslauriers <email address hidden> Tue, 02 Jun 2026 15:33:25 -0400

Source diff to previous version

CVE-2026-34180	Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a pr ...
CVE-2026-34182	Issue Summary: Cryptographic Message Services (CMS) processing fails t ...
CVE-2026-42766	Issue summary: A specially crafted password-encrypted CMS message can ...
CVE-2026-42767	Issue summary: An attacker-controlled CMP (Certificate Management Prot ...
CVE-2026-42770	Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X ...
CVE-2026-45445	Issue summary: When an application drives an AES-OCB context through t ...
CVE-2026-45446	Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-S ...
CVE-2026-45447	Issue summary: A specially crafted PKCS#7 or S/MIME signed message cou ...
CVE-2026-7383	Issue summary: A signed integer overflow when sizing the destination b ...
CVE-2026-9076	Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key ...

Version: 3.0.2-0ubuntu1.23 2026-04-09 05:09:43 UTC

openssl (3.0.2-0ubuntu1.23) jammy-security; urgency=medium * SECURITY UPDATE: NULL pointer dereference when processing an OCSP response - debian/patches/CVE-2026-28387.patch: dane_match_cert() should X509_free() on ->mcert instead of OPENSSL_free() in crypto/x509/x509_vfy.c. - CVE-2026-28387 * SECURITY UPDATE: NULL Pointer Dereference When Processing a Delta CRL - debian/patches/CVE-2026-28388-1.patch: fix NULL Dereference When Delta CRL Lacks CRL Number Extension in crypto/x509/x509_vfy.c. - debian/patches/CVE-2026-28388-2.patch: Added test in test/*. - CVE-2026-28388 * SECURITY UPDATE: Possible NULL dereference when processing CMS KeyAgreeRecipientInfo - debian/patches/CVE-2026-28389.patch: Fix NULL deref in [ec]dh_cms_set_shared_info in crypto/cms/cms_dh.c, crypto/cms/cms_ec.c. - CVE-2026-28389 * SECURITY UPDATE: Possible NULL Dereference When Processing CMS KeyTransportRecipientInfo - debian/patches/CVE-2026-28390.patch: Fix NULL deref in rsa_cms_decrypt in crypto/cms/cms_rsa.c. - CVE-2026-28390 * SECURITY UPDATE: Heap buffer overflow in hexadecimal conversion - debian/patches/CVE-2026-31789.patch: avoid possible buffer overflow in buf2hex conversion in crypto/o_str.c. - CVE-2026-31789 * SECURITY UPDATE: Incorrect failure handling in RSA KEM RSASVE encapsulation - debian/patches/CVE-2026-31790-1.patch: validate RSA_public_encrypt() result in RSASVE in providers/implementations/kem/rsa_kem.c. - debian/patches/CVE-2026-31790-2.patch: test RSA_public_encrypt() result in RSASVE in test/evp_extra_test.c. - CVE-2026-31790 -- Marc Deslauriers <email address hidden> Tue, 07 Apr 2026 08:05:56 -0400

Source diff to previous version

CVE-2026-28387	Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA reco
CVE-2026-28388	Issue summary: When a delta CRL that contains a Delta CRL Indicator extension is processed a NULL pointer dereference might happen if the required CR
CVE-2026-28389	Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can happen. Impact sum
CVE-2026-28390	Issue summary: During processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo a NULL pointer dereference can happen. Impact
CVE-2026-31789	Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impac
CVE-2026-31790	Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer t

Version: 3.0.2-0ubuntu1.21 2026-01-29 16:35:29 UTC

openssl (3.0.2-0ubuntu1.21) jammy-security; urgency=medium * SECURITY UPDATE: Stack buffer overflow in CMS AuthEnvelopedData parsing - debian/patches/CVE-2025-15467-1.patch: correct handling of AEAD-encrypted CMS with inadmissibly long IV in crypto/evp/evp_lib.c. - debian/patches/CVE-2025-15467-2.patch: some comments to clarify functions usage in crypto/asn1/evp_asn1.c. - debian/patches/CVE-2025-15467-3.patch: test for handling of AEAD-encrypted CMS with inadmissibly long IV in test/cmsapitest.c, test/recipes/80-test_cmsapi.t, test/recipes/80-test_cmsapi_data/encDataWithTooLongIV.pem. - CVE-2025-15467 * SECURITY UPDATE: Heap out-of-bounds write in BIO_f_linebuffer on short writes - debian/patches/CVE-2025-68160.patch: fix heap buffer overflow in BIO_f_linebuffer in crypto/bio/bf_lbuf.c. - CVE-2025-68160 * SECURITY UPDATE: Unauthenticated/unencrypted trailing bytes with low-level OCB function calls - debian/patches/CVE-2025-69418.patch: fix OCB AES-NI/HW stream path unauthenticated/unencrypted trailing bytes in crypto/modes/ocb128.c. - CVE-2025-69418 * SECURITY UPDATE: Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion - debian/patches/CVE-2025-69419.patch: check return code of UTF8_putc in crypto/asn1/a_strex.c, crypto/pkcs12/p12_utl.c. - CVE-2025-69419 * SECURITY UPDATE: Missing ASN1_TYPE validation in TS_RESP_verify_response() function - debian/patches/CVE-2025-69420.patch: verify ASN1 object's types before attempting to access them as a particular type in crypto/ts/ts_rsp_verify.c. - CVE-2025-69420 * SECURITY UPDATE: NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex - debian/patches/CVE-2025-69421.patch: add NULL check in crypto/pkcs12/p12_decr.c. - CVE-2025-69421 * SECURITY UPDATE: ASN1_TYPE missing validation and type confusion - debian/patches/CVE-2026-2279x.patch: ensure ASN1 types are checked before use in apps/s_client.c, crypto/pkcs12/p12_kiss.c, crypto/pkcs7/pk7_doit.c. - CVE-2026-22795 - CVE-2026-22796 -- Marc Deslauriers <email address hidden> Mon, 26 Jan 2026 07:32:08 -0500

Source diff to previous version

CVE-2025-15467	Issue summary: Parsing CMS AuthEnvelopedData message with maliciously ...
CVE-2025-68160	Issue summary: Writing large, newline-free data into a BIO chain using ...
CVE-2025-69418	Issue summary: When using the low-level OCB API directly with AES-NI o ...
CVE-2025-69419	Issue summary: Calling PKCS12_get_friendlyname() function on a malicio ...
CVE-2025-69420	Issue summary: A type confusion vulnerability exists in the TimeStamp ...
CVE-2025-69421	Issue summary: Processing a malformed PKCS#12 file can trigger a NULL ...
CVE-2026-22795	Issue summary: An invalid or NULL pointer dereference can happen in an ...
CVE-2026-22796	Issue summary: A type confusion vulnerability exists in the signature ...

Version: 3.0.2-0ubuntu1.20 2025-09-30 20:06:59 UTC

openssl (3.0.2-0ubuntu1.20) jammy-security; urgency=medium * SECURITY UPDATE: Out-of-bounds read & write in RFC 3211 KEK Unwrap - debian/patches/CVE-2025-9230.patch: fix incorrect check of unwrapped key size in crypto/cms/cms_pwri.c. - CVE-2025-9230 -- Marc Deslauriers <email address hidden> Thu, 18 Sep 2025 08:06:16 -0400

Source diff to previous version

CVE-2025-9230

Out-of-bounds read & write in RFC 3211 KEK Unwrap

Version: 3.0.2-0ubuntu1.19 2025-02-21 02:06:59 UTC

openssl (3.0.2-0ubuntu1.19) jammy-security; urgency=medium * SECURITY UPDATE: Low-level invalid GF(2^m) parameters lead to OOB memory access - debian/patches/CVE-2024-9143.patch: harden BN_GF2m_poly2arr against misuse in crypto/bn/bn_gf2m.c, test/ec_internal_test.c. - CVE-2024-9143 * SECURITY UPDATE: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation - debian/patches/CVE-2024-13176.patch: Fix timing side-channel in ECDSA signature computation in crypto/bn/bn_exp.c, crypto/ec/ec_lib.c, include/crypto/bn.h. - CVE-2024-13176 -- Marc Deslauriers <email address hidden> Wed, 05 Feb 2025 08:19:41 -0500

CVE-2024-9143	Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds mem
CVE-2024-13176	Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summ

About - Send Feedback to @ubuntu_updates

Package "libssl-dev"

Links

Download "libssl-dev"

Other versions of "libssl-dev" in Jammy

Changelog

Share this page

Bookmarks

Latest updates

updates

security

proposed

PPA updates