-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 24 Jan 2026 16:01:59 +0100
Source: openssl
Binary: libcrypto3-udeb libssl-dev libssl3 libssl3-dbgsym libssl3-udeb openssl openssl-dbgsym
Architecture: amd64
Version: 3.0.18-1~deb12u2
Distribution: bookworm-security
Urgency: medium
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01) <buildd_amd64-x86-conova-01@buildd.debian.org>
Changed-By: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Description:
 libcrypto3-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl3    - Secure Sockets Layer toolkit - shared libraries
 libssl3-udeb - ssl shared library - udeb (udeb)
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
Changes:
 openssl (3.0.18-1~deb12u2) bookworm-security; urgency=medium
 .
   * CVE-2025-15467 (Stack buffer overflow in CMS AuthEnvelopedData parsing)
   * CVE-2025-68160 (Heap out-of-bounds write in BIO_f_linebuffer on short
     writes)
   * CVE-2025-69418 (Unauthenticated/unencrypted trailing bytes with low-level
     OCB function calls)
   * CVE-2025-69419 (Out of bounds write in PKCS12_get_friendlyname() UTF-8
     conversion)
   * CVE-2025-69420 (Missing ASN1_TYPE validation in TS_RESP_verify_response()
     function)
   * CVE-2025-69421 (NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex
     function)
   * CVE-2026-22795 (Missing ASN1_TYPE validation in PKCS#12 parsing)
   * CVE-2026-22796 (ASN1_TYPE Type Confusion in the
     PKCS7_digest_from_attributes() function)
Checksums-Sha1:
 3d6fdf8b14341a0a80c9d57c6f2478d572c612ba 1526160 libcrypto3-udeb_3.0.18-1~deb12u2_amd64.udeb
 46f02bd291384f0fe401e0dde9291cba920b01c5 2443576 libssl-dev_3.0.18-1~deb12u2_amd64.deb
 4e7246277ba635ff5373a29b323a94022a4cdcdb 4789968 libssl3-dbgsym_3.0.18-1~deb12u2_amd64.deb
 4f90454dd4ae41babc5d7e58b96a10d561f5f6d9 222368 libssl3-udeb_3.0.18-1~deb12u2_amd64.udeb
 57b57d69a9dd1cab354af280b1f503f32a1bc5a6 2029516 libssl3_3.0.18-1~deb12u2_amd64.deb
 453329fedfd2c9574dfd3e77eccd49f0d33dd331 689896 openssl-dbgsym_3.0.18-1~deb12u2_amd64.deb
 1f5129a04198745b3cb17f8204ebdf11895f9b13 7821 openssl_3.0.18-1~deb12u2_amd64-buildd.buildinfo
 e1e61befe485b38387e2c1219c629c58d807c5b0 1432700 openssl_3.0.18-1~deb12u2_amd64.deb
Checksums-Sha256:
 57da94217fd2300a646a0263cf2f141ef3651cb56918a344ae85af2f1f3113fc 1526160 libcrypto3-udeb_3.0.18-1~deb12u2_amd64.udeb
 c81978f238e38d1f254332a5deccc5c8044b11d561e4c008b492292bea5cf9f6 2443576 libssl-dev_3.0.18-1~deb12u2_amd64.deb
 d0f7595cf4d141eb1a954ce209310324fb4db028a90665eb7657504eca255337 4789968 libssl3-dbgsym_3.0.18-1~deb12u2_amd64.deb
 e9dd228e38f2f739bd7216d5b3faae5e4c4d270a1b6b218664aedd57d3191ffd 222368 libssl3-udeb_3.0.18-1~deb12u2_amd64.udeb
 ed44f11b74763cded2ad406f4de4d585ea27b0ce6377e7c8d98c2ddf2ed35cb3 2029516 libssl3_3.0.18-1~deb12u2_amd64.deb
 0e61c6aa36a0877b4cb6a3506554eb3bbb6a7a987bd7c7311569cf11d09e598f 689896 openssl-dbgsym_3.0.18-1~deb12u2_amd64.deb
 392573793c5d44353c96cd8cb8ab8b92f5813a9474a4068d691fb6bd070fa87e 7821 openssl_3.0.18-1~deb12u2_amd64-buildd.buildinfo
 9107c374e0f760d5d7c9c7372788d4e618e1433db4fdef9a3a25788dfd5588bb 1432700 openssl_3.0.18-1~deb12u2_amd64.deb
Files:
 a2fb37164ea3a37920c999789733d165 1526160 debian-installer optional libcrypto3-udeb_3.0.18-1~deb12u2_amd64.udeb
 b6cee0b7e50434114e3d2463c9f3ccf1 2443576 libdevel optional libssl-dev_3.0.18-1~deb12u2_amd64.deb
 704b824245d40a9558f8e69728084d50 4789968 debug optional libssl3-dbgsym_3.0.18-1~deb12u2_amd64.deb
 72e4e34a95d62642cc9c379f0423d11a 222368 debian-installer optional libssl3-udeb_3.0.18-1~deb12u2_amd64.udeb
 4d04f96087054a0bdca5806bc515f45f 2029516 libs optional libssl3_3.0.18-1~deb12u2_amd64.deb
 1cda0093b031ba24569470f7584e885a 689896 debug optional openssl-dbgsym_3.0.18-1~deb12u2_amd64.deb
 1284f3e63fb6f4dd59e54f61392e937d 7821 utils optional openssl_3.0.18-1~deb12u2_amd64-buildd.buildinfo
 e5cdc7b51991a433f40eb305039561d7 1432700 utils optional openssl_3.0.18-1~deb12u2_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEaPzFtKPtF0JrKPV5iZlfn74WV6kFAml0+EsACgkQiZlfn74W
V6mFtA/+NquI9lRE6GBhaxmSOzRY9d+u1k5s9onZ7+A0wAzl4bTF8NW0+kbZ/QQP
8wWoZctMm4LmfxagVTagPfNPwWKYOOvBqPkydGuUue1gX78CUNxA79+4wnD0Do6t
p9zvZOW8QFfC//wvYOri4Xdeyhklx+SBaagsaSLd4jovFRihEN3c6ifTOY4OWL79
98WK0g4A9GP+r3E19oscAu0WBx4+wHgFRa99Uzniqf0S47Mn59v+aupia0P/u2c0
00NXR8MQI5WWQ2W8S1vULAKj8VY13t7FkQat2gSRyDwzvN49DdRo8vIP5EC1qDZW
nOQO5IJ/IUdGygpcY6zm63rwmiCjRAzU5ajOG5roXiiTHgkGaU+KhhI4dfd/sypo
+LBMxO7xXRQgMtfmftg0hmfNwx87MF0ZxY1lKZFMPgPTwkXrRajRFMBHt6StPTnj
GzH2Vc/+pvgsMFtQr3ys5bGgYithD97GDtelfk+UkexuTHy9xDm6iu1bI7/qGezZ
1ajaRoRADnOuHpamILp6Zcj/UWl03ueHy2o1vLbAF8AvjxzRSSjgxmmBgi332ErA
uiJGSadmRHrxU2A8TEIdHhn2eIUfpoyCd4sNdaiPhJK12ca4K297nvgvgP12clSA
xrPANStcUPEKIXONyiDbqZGVIkQIwP6KW1yKjQ0qtjlJInA+zgU=
=sVfh
-----END PGP SIGNATURE-----