-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 06 Jun 2026 21:55:35 +0200
Source: openssl
Binary: libcrypto3-udeb libssl-dev libssl3-udeb libssl3t64 libssl3t64-dbgsym openssl openssl-dbgsym openssl-provider-fips openssl-provider-fips-dbgsym openssl-provider-legacy openssl-provider-legacy-dbgsym
Architecture: arm64
Version: 3.5.6-1~deb13u2
Distribution: trixie-security
Urgency: medium
Maintainer: arm64 Build Daemon (arm-conova-03) <buildd_arm64-arm-conova-03@buildd.debian.org>
Changed-By: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Description:
 libcrypto3-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl3-udeb - ssl shared library - udeb (udeb)
 libssl3t64 - Secure Sockets Layer toolkit - shared libraries
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
 openssl-provider-fips - Secure Sockets Layer toolkit - cryptographic utility
 openssl-provider-legacy - Secure Sockets Layer toolkit - cryptographic utility
Changes:
 openssl (3.5.6-1~deb13u2) trixie-security; urgency=medium
 .
   * CVE-2026-7383 ("Possible Heap Buffer Overflow in ASN.1 Multibyte String
     Conversion")
   * CVE-2026-9076 ("Out-of-Bounds Read in CMS Password-Based Decryption")
   * CVE-2026-34180 ("Heap Buffer Over-read in ASN.1 Content Parsing")
   * CVE-2026-34181 ("PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC
     Keys")
   * CVE-2026-34182 ("CMS AuthEnvelopedData Processing May Accept Forged
     Messages")
   * CVE-2026-34183 ("Unbounded Memory Growth in the QUIC PATH_CHALLENGE
     Handler")
   * CVE-2026-42764 ("NULL pointer dereference in QUIC server initial packet
     handling")
   * CVE-2026-42766 ("Possible NULL Dereference in Password-Based CMS
     Decryption")
   * CVE-2026-42767 ("NULL Pointer Dereference in CRMF EncryptedValue
     Decryption")
   * CVE-2026-42768 ("Multi-RecipientInfo Bleichenbacher Oracle in
     CMS_decrypt() and PKCS7_decrypt()")
   * CVE-2026-42769 ("Trust-Anchor Substitution via cert/issuer Typo in CMP
     rootCaKeyUpdate")
   * CVE-2026-42770 ("FFC-DH Peer Validation Uses Attacker-Supplied q")
   * CVE-2026-45445 ("AES-OCB IV Ignored on EVP_Cipher() Path")
   * CVE-2026-45446 ("Incorrect Tag Processing for Empty Messages in
     AES-GCM-SIV and AES-SIV modes")
   * CVE-2026-45447 ("Heap Use-After-Free in OpenSSL PKCS7_verify()")
Checksums-Sha1:
 5f0c364cf41b2567945c97376ce49881621445d7 2338896 libcrypto3-udeb_3.5.6-1~deb13u2_arm64.udeb
 e00e42b454c6acfd3a11622bc8aca25e8b4a232b 3392872 libssl-dev_3.5.6-1~deb13u2_arm64.deb
 32088acbbee46d8b8a68fd2dfccfaa8cffdc2322 340560 libssl3-udeb_3.5.6-1~deb13u2_arm64.udeb
 5f81fba91ec6e6587ebd77b476db170f1426656e 6000812 libssl3t64-dbgsym_3.5.6-1~deb13u2_arm64.deb
 6e3fe344496850bb946e702685bacc5df1332dab 2760128 libssl3t64_3.5.6-1~deb13u2_arm64.deb
 f355f710fc60021c94cf59cefdfcc0b3d7075640 767132 openssl-dbgsym_3.5.6-1~deb13u2_arm64.deb
 427dd43c16f9ed4254922f761a0acb2f254fd7fb 1709348 openssl-provider-fips-dbgsym_3.5.6-1~deb13u2_arm64.deb
 8e6c10f4f13840432b1ffe016d7af2cca647fe4a 995340 openssl-provider-fips_3.5.6-1~deb13u2_arm64.deb
 976876f933f58f3c9be2418c9011af0359c38f40 91752 openssl-provider-legacy-dbgsym_3.5.6-1~deb13u2_arm64.deb
 d5a41e70f8551fb076606ed0b1c0dab7fa9bc32d 310184 openssl-provider-legacy_3.5.6-1~deb13u2_arm64.deb
 307621e869d652c82a5b5b3a9fec87b4c5bccb22 8791 openssl_3.5.6-1~deb13u2_arm64-buildd.buildinfo
 4b411e66ee3d3106570389d5d1e022b15c1975a8 1466984 openssl_3.5.6-1~deb13u2_arm64.deb
Checksums-Sha256:
 b22492e2e071fff125f6cc924884caf052cd2c14183d5582e569ecdab2e1f30e 2338896 libcrypto3-udeb_3.5.6-1~deb13u2_arm64.udeb
 afdd9c57261502a3a434ba606ddfd1e8fd0f288c663f2dc4f7570ce927867651 3392872 libssl-dev_3.5.6-1~deb13u2_arm64.deb
 ffa147e198b1ad3b6b12844aa8b31772258e0d2d5df0043d10d184bf08a6874b 340560 libssl3-udeb_3.5.6-1~deb13u2_arm64.udeb
 7d2f7f6f4def945d11cd9eb9e70733dd6aa6ec08518a39033654a77f68f13694 6000812 libssl3t64-dbgsym_3.5.6-1~deb13u2_arm64.deb
 f7e09a12ccb2d6bd28bcc87a6e2462a0558dcb3cc34d56f90ee86fbd3402d8ba 2760128 libssl3t64_3.5.6-1~deb13u2_arm64.deb
 73918ca35ea1edb680198e2fe97ef048f1fcb6fd48b16b97ebd40b598272994e 767132 openssl-dbgsym_3.5.6-1~deb13u2_arm64.deb
 465a2040bb5b3ab1eebd77b24bb68ae8b4f330a7da9f823ca45855f39015a724 1709348 openssl-provider-fips-dbgsym_3.5.6-1~deb13u2_arm64.deb
 270f8fbd6a938658265d569a1364744e4df617ac78fb713d24e7d770d9240849 995340 openssl-provider-fips_3.5.6-1~deb13u2_arm64.deb
 7e4ae634b67cc5d6aa07a47e4330fa7699351f7f79fcbf3b8926797181e5e655 91752 openssl-provider-legacy-dbgsym_3.5.6-1~deb13u2_arm64.deb
 b099729f6a38d7d57f7f442f0f836c862673b9bb0ee65d757da6e3cdebbfd2a4 310184 openssl-provider-legacy_3.5.6-1~deb13u2_arm64.deb
 c47f905662f2b0363f8c7bb3795dbe2e620a0d3fa7224b2549f397dd86357b10 8791 openssl_3.5.6-1~deb13u2_arm64-buildd.buildinfo
 1ee735e2480519bd1fd5f6576a879243bc81b9773059e1fa1ec8b8943c84e77c 1466984 openssl_3.5.6-1~deb13u2_arm64.deb
Files:
 7e58adc98f80fde77116ef720e558780 2338896 debian-installer optional libcrypto3-udeb_3.5.6-1~deb13u2_arm64.udeb
 b7d53047e53ec91d88bbe36910657e60 3392872 libdevel optional libssl-dev_3.5.6-1~deb13u2_arm64.deb
 f185752d62376e4ef3007de4e475cb07 340560 debian-installer optional libssl3-udeb_3.5.6-1~deb13u2_arm64.udeb
 b56174b9cb4a78366bf0db8f3651496a 6000812 debug optional libssl3t64-dbgsym_3.5.6-1~deb13u2_arm64.deb
 0f47eb2bb5c575033bd86d153b6e91c6 2760128 libs optional libssl3t64_3.5.6-1~deb13u2_arm64.deb
 b16d9909277d7ac1420e92740d597e66 767132 debug optional openssl-dbgsym_3.5.6-1~deb13u2_arm64.deb
 bc6d00abed354c12b1e6ddff96a36478 1709348 debug optional openssl-provider-fips-dbgsym_3.5.6-1~deb13u2_arm64.deb
 50f1de3b33f8f928a0f8d2624e3a03b1 995340 utils optional openssl-provider-fips_3.5.6-1~deb13u2_arm64.deb
 fbb5af064cb15be880ae9fb896296416 91752 debug optional openssl-provider-legacy-dbgsym_3.5.6-1~deb13u2_arm64.deb
 21c0d10775611ac1a50b79ddcb215e64 310184 utils optional openssl-provider-legacy_3.5.6-1~deb13u2_arm64.deb
 05e987ab24b59cfbb7fd09b1b3f051d8 8791 utils optional openssl_3.5.6-1~deb13u2_arm64-buildd.buildinfo
 8e4a5e4460f82f4a311c049e07737108 1466984 utils optional openssl_3.5.6-1~deb13u2_arm64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEElFiH1oZRZh1t4FSiXVp1sEH/1mIFAmokn9QACgkQXVp1sEH/
1mK/tw/9HuMHDYNQFGia8mL8MwInG3cwdNfcyBl9j/wEDSbAAQLVSoihYVk7a/u9
qhrsyAKMshUYay9uteghoVUckIDyoKREA230QD6ONIAfaEQuX+s96Dov/lLI+jdg
fZlkIcrOh1T8+/FR7IFwNRJZASKI0ZnRktOr/FsA5j8L4kl9a9Z1DhPCQlh8NPID
UnfnlXO+8ndBpsWXjVGpvxmo2hWZey8K5ahDcQK3H+OaHLYCuXMoNin/s2BSw7Nb
RO77st6koIuueCGaWpHOL4tYClFBDINafXrsny1I0DUbUp+UV7JlD4GUQD3B0gtc
4QNGLM5qWaZKVCj6exV+CIEPS+l6H6zVYeRszoqaESCL9aOL5BRIkvscuDqqLziM
eFLzuJd5Nu6pGKNP15dOpFaMjNi3OiRu2lwwzNIe9W7rK76xd5ZtyKo4sm7IcRP2
0ZtXR/w9IjSRAc3i2Ha0kZ/ZUY1AdFRF6CB0Q2U/+dKJcf2STCaviXSGVWjr96yB
zmhxnnUzrTeAkcpmb/iKDUuBEboyXzla2hPiXL6qB6Px9BMHtsFPH5ikRD0q7O/c
HvSEbEv1LRN1b9wD133G77el0zaASgeiMazUJ+v45aW75lChZ51exG1EJovf9Xoa
u7POBPDA1tgi+vrbYK25giaqy88TD+ZMrGBPG5hSFnoD0mrtU5E=
=l36Z
-----END PGP SIGNATURE-----