UbuntuUpdates.org

Package "openssl"

Name: openssl

Description:

Secure Sockets Layer toolkit - cryptographic utility
Latest version: 3.4.1-1ubuntu4
Release: plucky (25.04)
Level: security
Repository: main
Homepage: https://www.openssl.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "openssl"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "openssl" in Plucky

Repository Area Version
base main 3.4.1-1ubuntu3
updates main 3.4.1-1ubuntu4

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 3.4.1-1ubuntu4 2025-09-30 18:07:13 UTC

  openssl (3.4.1-1ubuntu4) plucky-security; urgency=medium

  * SECURITY UPDATE: Out-of-bounds read & write in RFC 3211 KEK Unwrap
    - debian/patches/CVE-2025-9230.patch: fix incorrect check of unwrapped
      key size in crypto/cms/cms_pwri.c.
    - CVE-2025-9230
  * SECURITY UPDATE: Timing side-channel in SM2 algorithm on 64 bit ARM
    - debian/patches/CVE-2025-9231-1.patch: use constant time modular
      inversion in crypto/ec/ecp_sm2p256.c.
    - debian/patches/CVE-2025-9231-2.patch: remove unused code in
      crypto/ec/ecp_sm2p256.c.
    - CVE-2025-9231
  * SECURITY UPDATE: Out-of-bounds read in HTTP client no_proxy handling
    - debian/patches/CVE-2025-9232.patch: add missing terminating NUL byte
      in crypto/http/http_lib.c.
    - CVE-2025-9232

 -- Marc Deslauriers <email address hidden> Thu, 18 Sep 2025 07:07:45 -0400
CVE-2025-9230 Out-of-bounds read & write in RFC 3211 KEK Unwrap
CVE-2025-9231 Timing side-channel in SM2 algorithm on 64 bit ARM
CVE-2025-9232 Out-of-bounds read in HTTP client no_proxy handling


About   -   Send Feedback to @ubuntu_updates