-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 06 Jun 2026 21:56:20 +0200
Source: openssl
Binary: libcrypto3-udeb libssl-dev libssl3 libssl3-dbgsym libssl3-udeb openssl openssl-dbgsym
Architecture: amd64
Version: 3.0.20-1~deb12u2
Distribution: bookworm-security
Urgency: medium
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01) <buildd_amd64-x86-conova-01@buildd.debian.org>
Changed-By: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Description:
 libcrypto3-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl3    - Secure Sockets Layer toolkit - shared libraries
 libssl3-udeb - ssl shared library - udeb (udeb)
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
Changes:
 openssl (3.0.20-1~deb12u2) bookworm-security; urgency=medium
 .
   * CVE-2026-7383 ("Possible Heap Buffer Overflow in ASN.1 Multibyte String
     Conversion")
   * CVE-2026-9076 ("Out-of-Bounds Read in CMS Password-Based Decryption")
   * CVE-2026-34180 ("Heap Buffer Over-read in ASN.1 Content Parsing")
   * CVE-2026-34182 ("CMS AuthEnvelopedData Processing May Accept Forged
     Messages")
   * CVE-2026-42766 ("Possible NULL Dereference in Password-Based CMS
     Decryption")
   * CVE-2026-42770 ("FFC-DH Peer Validation Uses Attacker-Supplied q")
   * CVE-2026-45445 ("AES-OCB IV Ignored on EVP_Cipher() Path")
   * CVE-2026-45446 ("Incorrect Tag Processing for Empty Messages in
     AES-GCM-SIV and AES-SIV modes")
   * CVE-2026-45447 ("Heap Use-After-Free in OpenSSL PKCS7_verify()")
Checksums-Sha1:
 5ff58870d0eac405acbcba1fddb9f2017d29016d 1528420 libcrypto3-udeb_3.0.20-1~deb12u2_amd64.udeb
 1db0f96ceb10cfeea4d26a7a2892c7f226ec834c 2443308 libssl-dev_3.0.20-1~deb12u2_amd64.deb
 fd8bdf7b7032b1e4ce0acc1d52478d836c600de8 4788116 libssl3-dbgsym_3.0.20-1~deb12u2_amd64.deb
 3b9c556c0093cdf9b0a159328602eadc16e0e8f5 221484 libssl3-udeb_3.0.20-1~deb12u2_amd64.udeb
 284281e265adcb7aad5f0d465ab391f7336da132 2036016 libssl3_3.0.20-1~deb12u2_amd64.deb
 c846e76036bf1384ab5790dbc2c4ed9253ba9c42 689336 openssl-dbgsym_3.0.20-1~deb12u2_amd64.deb
 fecf82a600727d52b1869070e534032582463fa6 7829 openssl_3.0.20-1~deb12u2_amd64-buildd.buildinfo
 b56001c959cff4ea669b37cd4e031ed42f6904d8 1438712 openssl_3.0.20-1~deb12u2_amd64.deb
Checksums-Sha256:
 95543b4c2fc820ec14a44c1c3e7e09c2ac7a545b4a34975baad22530b86a4768 1528420 libcrypto3-udeb_3.0.20-1~deb12u2_amd64.udeb
 43ef5c109056b1507a0972631ee8292e727029aeda1516b4672cb041730ae3af 2443308 libssl-dev_3.0.20-1~deb12u2_amd64.deb
 1bcfe3af4ace25be94b90a3993d2fefbe94e9d5684f03e1379c2d5d533534c43 4788116 libssl3-dbgsym_3.0.20-1~deb12u2_amd64.deb
 693c44f82e4efccb55052562d644b955e7cdc093375bf32a9d7ad85d8e7f6fda 221484 libssl3-udeb_3.0.20-1~deb12u2_amd64.udeb
 89be24b41bff568ee6e7caf5680a3d808e80315ed92e407056ce0fa7a5bda025 2036016 libssl3_3.0.20-1~deb12u2_amd64.deb
 d81a2094ec03d6bfe24c1552d0211b23c41ea22d3dd0a791280916b45a984277 689336 openssl-dbgsym_3.0.20-1~deb12u2_amd64.deb
 92b785c3a108cc84e5dffbff6273889e3f9e5b1c8d7e7c85daa97e6835fc17b5 7829 openssl_3.0.20-1~deb12u2_amd64-buildd.buildinfo
 4d218561dc838de081de97f54584c4a29e77e26c7ed9fe3440d776d8e6071bf9 1438712 openssl_3.0.20-1~deb12u2_amd64.deb
Files:
 93b2d23cef4e10bdd82db2c7ae9e8923 1528420 debian-installer optional libcrypto3-udeb_3.0.20-1~deb12u2_amd64.udeb
 39896be54b0fadb8aba1eb53b0c0975a 2443308 libdevel optional libssl-dev_3.0.20-1~deb12u2_amd64.deb
 65224d3902edbf3434937700560f3afa 4788116 debug optional libssl3-dbgsym_3.0.20-1~deb12u2_amd64.deb
 2b7c655ad57507be170788b035ba82a4 221484 debian-installer optional libssl3-udeb_3.0.20-1~deb12u2_amd64.udeb
 4efab63a42e193c6107a3e1d1c46eaa4 2036016 libs optional libssl3_3.0.20-1~deb12u2_amd64.deb
 55be732614dee7e761020035407f694c 689336 debug optional openssl-dbgsym_3.0.20-1~deb12u2_amd64.deb
 eb8a05bf1f02fcace4268d521649491d 7829 utils optional openssl_3.0.20-1~deb12u2_amd64-buildd.buildinfo
 5be72c521ad1ce86dfdfaffa78340b81 1438712 utils optional openssl_3.0.20-1~deb12u2_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE7cQ9mRD4+dWjjrb6PkCWRKsh20cFAmokotAACgkQPkCWRKsh
20eRkg/8C59igGJAuaaWJSThjLG8VhZIs6o1O5jubdSdXR3ZKJDnYhA7Pc6mk/OD
raammdz8ZKfvgOfhjBg9yTpSrqR5yiS/tfKACjJNuFewA91NRTyyUxFjtuC1o9vA
8oT/96OgDPoILTexWbCbqIXBn3gzFvzi4gpRlQa74Y8IlYNLtrFibpN+JPxlJe3d
TidseOB8/Y84KbA9mAThZ1Oag1zyIMuqVWPp3UT3vFkwr+y9/g6h75P44jFVwiRo
uuZ7rgJ/dsalqB0ApBK5MTGfKJlDt7Pad+rEqzu3WYYFzhrDD4b9gTh9RhjxBJ/r
aGqYS4zhNMAEzRj7sRwOqx2K8b5AG+aAJxNfdxnfg6gawziWCFLYOYAayj3Pb3qV
Iw2SbKPXiaifvYyxrBnZlDZAQAlnyTQZ5aM+JkvnanwUoB3Ybd5zWXdQkRenW6Gv
gaGUEg4mPIirYWF7lTjq7EMQbnJ7coubyP86MNfX3wDtuCdS8ifhxXCHdLKfW1g1
iBjLm96B5LbHhWoknEsGGSOIOGMER57lcSFnU5EJChGLKBx7FSWw+gEnvH5BaOOg
k49Ds2YM0EQRw9gHbmMSu093WgjSLGn3F3fVr6dfTo2jYwS4IkY+kv5M9ndlMLKd
XloTwfSxMGoV78HijAdQ6WWXywUBWy5vSkLMfZxvQl+5sjpoEVs=
=3oiB
-----END PGP SIGNATURE-----