-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 06 Jun 2026 21:56:20 +0200 Source: openssl Binary: libcrypto3-udeb libssl-dev libssl3 libssl3-dbgsym libssl3-udeb openssl openssl-dbgsym Architecture: s390x Version: 3.0.20-1~deb12u2 Distribution: bookworm-security Urgency: medium Maintainer: s390x Build Daemon (zandonai) Changed-By: Sebastian Andrzej Siewior Description: libcrypto3-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb) libssl-dev - Secure Sockets Layer toolkit - development files libssl3 - Secure Sockets Layer toolkit - shared libraries libssl3-udeb - ssl shared library - udeb (udeb) openssl - Secure Sockets Layer toolkit - cryptographic utility Changes: openssl (3.0.20-1~deb12u2) bookworm-security; urgency=medium . * CVE-2026-7383 ("Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion") * CVE-2026-9076 ("Out-of-Bounds Read in CMS Password-Based Decryption") * CVE-2026-34180 ("Heap Buffer Over-read in ASN.1 Content Parsing") * CVE-2026-34182 ("CMS AuthEnvelopedData Processing May Accept Forged Messages") * CVE-2026-42766 ("Possible NULL Dereference in Password-Based CMS Decryption") * CVE-2026-42770 ("FFC-DH Peer Validation Uses Attacker-Supplied q") * CVE-2026-45445 ("AES-OCB IV Ignored on EVP_Cipher() Path") * CVE-2026-45446 ("Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes") * CVE-2026-45447 ("Heap Use-After-Free in OpenSSL PKCS7_verify()") Checksums-Sha1: 563e05a97caf6b156316939e8a8036a768a09f93 1164160 libcrypto3-udeb_3.0.20-1~deb12u2_s390x.udeb 02a1cd2474a16c3041680cecd2f23a36562535d5 2046956 libssl-dev_3.0.20-1~deb12u2_s390x.deb 2963c8dd57ce9ccfd2eed478b2237e331850f633 4458156 libssl3-dbgsym_3.0.20-1~deb12u2_s390x.deb ded668e4847dabe747fe992a2e98aac4375a6f82 195908 libssl3-udeb_3.0.20-1~deb12u2_s390x.udeb 80ace1f943eebb724452fed08bae76cbae880037 1633496 libssl3_3.0.20-1~deb12u2_s390x.deb c0add9bf519723049771ccab8a51387944557223 664396 openssl-dbgsym_3.0.20-1~deb12u2_s390x.deb a4281263527b97ff482beb5310d41c6895dc2bf6 7697 openssl_3.0.20-1~deb12u2_s390x-buildd.buildinfo 9826fde2135d06757a68217cfac5b5b05fc22b6b 1413972 openssl_3.0.20-1~deb12u2_s390x.deb Checksums-Sha256: a473da5b366583d2a15e56a55c98b898eda1c719ff0b82c8b9cb70ac27ae0db2 1164160 libcrypto3-udeb_3.0.20-1~deb12u2_s390x.udeb 3ff9efdcab61c79981dea306e1fb8686a1a40cad34b9e142f8bddddf3b417f42 2046956 libssl-dev_3.0.20-1~deb12u2_s390x.deb 54b20f3e4570e70e4433ef7163ef343500811c931f9cf357ad5ed5f78f988c5b 4458156 libssl3-dbgsym_3.0.20-1~deb12u2_s390x.deb 5b8d02fd7b7674ef79b3b71bf28dc2844ff1d95780b7185120d85124c6430c75 195908 libssl3-udeb_3.0.20-1~deb12u2_s390x.udeb 8f842575b6670d2241dffbd6ec95547cd55b129d0014ce7a6ab024e6d94399ef 1633496 libssl3_3.0.20-1~deb12u2_s390x.deb 2577e5f2d1f9a446c93403d20059fc0fa4e9066e410e0c836570c1ea25851cd1 664396 openssl-dbgsym_3.0.20-1~deb12u2_s390x.deb e60226e71a1788267f434aab820b9b4888cca7206900164e45953a0def2fc125 7697 openssl_3.0.20-1~deb12u2_s390x-buildd.buildinfo 1aea087c353a2b52946d607c791f8e816cc6ebdc7d959ddb5ebe9003af851cb2 1413972 openssl_3.0.20-1~deb12u2_s390x.deb Files: 953821a381ffa0b87bd72782ba533091 1164160 debian-installer optional libcrypto3-udeb_3.0.20-1~deb12u2_s390x.udeb cf46724936143945741145bc4dbc82cf 2046956 libdevel optional libssl-dev_3.0.20-1~deb12u2_s390x.deb 510c370df92c3f2ff261440c554fcb84 4458156 debug optional libssl3-dbgsym_3.0.20-1~deb12u2_s390x.deb 08a21fe2201a30739aab97894f9abe7b 195908 debian-installer optional libssl3-udeb_3.0.20-1~deb12u2_s390x.udeb fdcdf05ce65610f1df659721cb12d0bb 1633496 libs optional libssl3_3.0.20-1~deb12u2_s390x.deb 26919e10371caf084c3e4cb5dcc113d6 664396 debug optional openssl-dbgsym_3.0.20-1~deb12u2_s390x.deb 46b55bb51b9804245105c0f1bf31ce20 7697 utils optional openssl_3.0.20-1~deb12u2_s390x-buildd.buildinfo 2ffb2867425067491364cfee5ca7041d 1413972 utils optional openssl_3.0.20-1~deb12u2_s390x.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEENly2ANlpa4eeqnluvVOPI7pYNpgFAmoklVUACgkQvVOPI7pY NpijEw//a7vycVgx1xGBUqzHJ/JZK3Tnx2vKRyp307dybqdJ74DmwihNOQ4Q0GPq Fpl+OiZlQkLK+tYe75UZJ180B5HfizqiWuHZfxX+tpxC6clab0A81lI3xvJOGfUm XKJ947PlzIDHiXzthtqo+au+3SxAOyZ5wqYn94yCI7nCRslNf/Hsa2tJv3TKQNDX kXTDEsSm3Dka4NuBjYCLML38HTAmZaS1h5lGB64pxuymqLiv9w2ffdqbrv+sYqdD 8sYv0bqdiMiSsMUkE8YKQiBrBfnnzd6lYr5zmMV5FT1Akofn7wWEhTokUM6L4qC4 ELSXLMjJ+jEHmTUxIldY2WKAXBRF2gmjmQ2O8UQqKUXpElNrUjx5Y5vhIyrufCsZ al5Y4GwyWJMEygkmLT+4/3aXEJgWMF1C0ltCjdEB6d0pi6vOFXY4NTQDxlgepc6M /HTcGnuqgLkawEzjPDF3Mj+vg5dNkVjCZyHyQ8jTU35sspSmd6lY1mD1I0vJrNMV 9u3KO8id4E5QmLfJEtV4ziuzYsaLgCm468ghED0l8dOPW4CTJGz9PkzH1aoW1nRO t7VzNV4DN9pwKfFrdQInG256AxHFVLjyzcAx9zFG78yU971joSkI0d0v86mYUHzv Moa39zaPmGgBOI7ptLR+NjkkI2Vaj3wFIK49eDhQDAKjOZrH6v0= =giQE -----END PGP SIGNATURE-----