-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 06 Jun 2026 21:56:20 +0200 Source: openssl Binary: libcrypto3-udeb libssl-dev libssl3 libssl3-dbgsym libssl3-udeb openssl openssl-dbgsym Architecture: armhf Version: 3.0.20-1~deb12u2 Distribution: bookworm-security Urgency: medium Maintainer: armhf Build Daemon (arm-ubc-05) Changed-By: Sebastian Andrzej Siewior Description: libcrypto3-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb) libssl-dev - Secure Sockets Layer toolkit - development files libssl3 - Secure Sockets Layer toolkit - shared libraries libssl3-udeb - ssl shared library - udeb (udeb) openssl - Secure Sockets Layer toolkit - cryptographic utility Changes: openssl (3.0.20-1~deb12u2) bookworm-security; urgency=medium . * CVE-2026-7383 ("Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion") * CVE-2026-9076 ("Out-of-Bounds Read in CMS Password-Based Decryption") * CVE-2026-34180 ("Heap Buffer Over-read in ASN.1 Content Parsing") * CVE-2026-34182 ("CMS AuthEnvelopedData Processing May Accept Forged Messages") * CVE-2026-42766 ("Possible NULL Dereference in Password-Based CMS Decryption") * CVE-2026-42770 ("FFC-DH Peer Validation Uses Attacker-Supplied q") * CVE-2026-45445 ("AES-OCB IV Ignored on EVP_Cipher() Path") * CVE-2026-45446 ("Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes") * CVE-2026-45447 ("Heap Use-After-Free in OpenSSL PKCS7_verify()") Checksums-Sha1: 425196d3ed8900c5ddc00e05511f206fc54f5ad4 1213880 libcrypto3-udeb_3.0.20-1~deb12u2_armhf.udeb e2196ee990db06cc01b50a5d180020c83df5bf69 2146476 libssl-dev_3.0.20-1~deb12u2_armhf.deb 350e7d670f9d06f52c5b10c94e3f1f6d21214882 4479444 libssl3-dbgsym_3.0.20-1~deb12u2_armhf.deb 408eeae3f2647916b982c8d9f9f4887c050b1e26 186744 libssl3-udeb_3.0.20-1~deb12u2_armhf.udeb f7c4ca65b0c3cafbd89c17e6aff40a6d0a216932 1681260 libssl3_3.0.20-1~deb12u2_armhf.deb 8cf0cc5466c9c01b3d1d4c2d497b2a62c4183edf 660344 openssl-dbgsym_3.0.20-1~deb12u2_armhf.deb 19de3b88343631bc072453c682d0f2f7f14cf3df 7685 openssl_3.0.20-1~deb12u2_armhf-buildd.buildinfo 739cd9cc16cc7643bda31e43ea3df3e9e050337f 1405716 openssl_3.0.20-1~deb12u2_armhf.deb Checksums-Sha256: 8a8b376ad9a23050d947c1f7f2edbf5459bddcc3e820f1eaa7aa5405c5c5b039 1213880 libcrypto3-udeb_3.0.20-1~deb12u2_armhf.udeb 2454498e072aa19108c906e9a5e45c3dfc2c80266fe02cf7fd278b27d6faf0b5 2146476 libssl-dev_3.0.20-1~deb12u2_armhf.deb b1f1e84e61b4d6553c732ebb4456eb969c9696ba0176b5ed6e578606ca594ad3 4479444 libssl3-dbgsym_3.0.20-1~deb12u2_armhf.deb 00497322a33fa769d36b450193f8b880311aa9b132de6c0ce00ab4b4a28c00e8 186744 libssl3-udeb_3.0.20-1~deb12u2_armhf.udeb 8e7bfa25f6be0b5b0257e093ffad36f6ccb72f51ead97d8b7e78fafac59184a4 1681260 libssl3_3.0.20-1~deb12u2_armhf.deb 6e7d107654771cc95a61cb7c2f8c0568c9bced3edddc7b3d5ba6d328cfeb5413 660344 openssl-dbgsym_3.0.20-1~deb12u2_armhf.deb fcde5cf2b9695c6f68cc3b57bf1e26c0e23e0107291dd0482a96f293c141b3dd 7685 openssl_3.0.20-1~deb12u2_armhf-buildd.buildinfo d698dd032e96ccd68f8d6e1bd9b2d7805960ada5011cc1a3984e2397afc72961 1405716 openssl_3.0.20-1~deb12u2_armhf.deb Files: dcff8c0e361b1c3cc289737665ae2f60 1213880 debian-installer optional libcrypto3-udeb_3.0.20-1~deb12u2_armhf.udeb 2ea5b7d23d9f355f37ff02259ae86241 2146476 libdevel optional libssl-dev_3.0.20-1~deb12u2_armhf.deb ad2f72a8160cdfc7e9a0465a68259de4 4479444 debug optional libssl3-dbgsym_3.0.20-1~deb12u2_armhf.deb 01385df9ee592e2dc3dd150cda61f64c 186744 debian-installer optional libssl3-udeb_3.0.20-1~deb12u2_armhf.udeb 6cbf9264547618bbb26a7c1c10916cc5 1681260 libs optional libssl3_3.0.20-1~deb12u2_armhf.deb e28a0fa055d4083a423755e263dccb49 660344 debug optional openssl-dbgsym_3.0.20-1~deb12u2_armhf.deb d292bb898f2ee5523b3ea5d6e0ede5ce 7685 utils optional openssl_3.0.20-1~deb12u2_armhf-buildd.buildinfo 5c806333e60fd75d09937b1643720258 1405716 utils optional openssl_3.0.20-1~deb12u2_armhf.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE7rv+l3KtZdQea77lnwznazfjXToFAmokmGoACgkQnwznazfj XTrg0hAAovAezbvDlbZUhLTm2yKrvL2k1+t0cE2XPMWZwCrdURR7atHWjNx/VRr1 aJ2+SMQuPQekbXrSoYbvXPUoJzr2U8SJkyWr9ks8LSkSffndaN9v3eH+Bw9rcgZF Z08PhgFXi04ec9lbCbxHSY6dmm5/2a/EauFcy+Ug6PCqOlejvVm36GiOAfwZTteP QeUMwn5Gyx2ZH9h/CuuTcPuWVf0XssJu5pdLkJEW+mfK0FRrzS9FXwja0919JrE6 Jtpzu9MYOD3tbcEfTVL4qZR8ncTmZf5WVCB2ke5n988gon9QYdk9GW/CYkRngyCj e0QGhRvjXetyTzouN4eOk8PPWVRF6yGhI//F+f6nrzXKgT3PFHDga3PIZws3LYhD pZSdh273QKHr4keXYGVtjXcncrt2MoHXrhNpF52t3VGAPbVC28cOgw/ISHtpakUH y+fMwaB0bhebMtx4Fk+MSw+248ihysHL27LDF+9hV839CNwsM0+R7p2NAv2P14oc ApEcbYfBOsYqK6llXGUkUTpEKWJqjdcW+WEUozscU2Aq/Njs38Rq+caz/7DtDPXO g95fqB2IYZAO2zDtQe8NpLAigqNNy9WXHSRP9RQ6rL3LAtYzeCn2LyLC82Qy/eQF HtgW0iLAWIRhNRo3cAQuhT29dRByk3o0qTj4TEfnkYqp+TaDXqA= =bcI9 -----END PGP SIGNATURE-----