-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 06 Jun 2026 21:55:35 +0200
Source: openssl
Binary: libcrypto3-udeb libssl-dev libssl3-udeb libssl3t64 libssl3t64-dbgsym openssl openssl-dbgsym openssl-provider-fips openssl-provider-fips-dbgsym openssl-provider-legacy openssl-provider-legacy-dbgsym
Architecture: armel
Version: 3.5.6-1~deb13u2
Distribution: trixie-security
Urgency: medium
Maintainer: armel Build Daemon (arm-ubc-03) <buildd_arm64-arm-ubc-03@buildd.debian.org>
Changed-By: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Description:
 libcrypto3-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl3-udeb - ssl shared library - udeb (udeb)
 libssl3t64 - Secure Sockets Layer toolkit - shared libraries
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
 openssl-provider-fips - Secure Sockets Layer toolkit - cryptographic utility
 openssl-provider-legacy - Secure Sockets Layer toolkit - cryptographic utility
Changes:
 openssl (3.5.6-1~deb13u2) trixie-security; urgency=medium
 .
   * CVE-2026-7383 ("Possible Heap Buffer Overflow in ASN.1 Multibyte String
     Conversion")
   * CVE-2026-9076 ("Out-of-Bounds Read in CMS Password-Based Decryption")
   * CVE-2026-34180 ("Heap Buffer Over-read in ASN.1 Content Parsing")
   * CVE-2026-34181 ("PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC
     Keys")
   * CVE-2026-34182 ("CMS AuthEnvelopedData Processing May Accept Forged
     Messages")
   * CVE-2026-34183 ("Unbounded Memory Growth in the QUIC PATH_CHALLENGE
     Handler")
   * CVE-2026-42764 ("NULL pointer dereference in QUIC server initial packet
     handling")
   * CVE-2026-42766 ("Possible NULL Dereference in Password-Based CMS
     Decryption")
   * CVE-2026-42767 ("NULL Pointer Dereference in CRMF EncryptedValue
     Decryption")
   * CVE-2026-42768 ("Multi-RecipientInfo Bleichenbacher Oracle in
     CMS_decrypt() and PKCS7_decrypt()")
   * CVE-2026-42769 ("Trust-Anchor Substitution via cert/issuer Typo in CMP
     rootCaKeyUpdate")
   * CVE-2026-42770 ("FFC-DH Peer Validation Uses Attacker-Supplied q")
   * CVE-2026-45445 ("AES-OCB IV Ignored on EVP_Cipher() Path")
   * CVE-2026-45446 ("Incorrect Tag Processing for Empty Messages in
     AES-GCM-SIV and AES-SIV modes")
   * CVE-2026-45447 ("Heap Use-After-Free in OpenSSL PKCS7_verify()")
Checksums-Sha1:
 1ec31a5240d765a503066966945bd9d8aa27d1cf 1506708 libcrypto3-udeb_3.5.6-1~deb13u2_armel.udeb
 8e381c8ff373b21cd095a3623a7e80463a5a2daa 2537620 libssl-dev_3.5.6-1~deb13u2_armel.deb
 045f63fe1d032509279e5b3718149e5dcea0ff6b 317044 libssl3-udeb_3.5.6-1~deb13u2_armel.udeb
 f89b1b5c2058f6658beda56f7a51b905be84266a 5787176 libssl3t64-dbgsym_3.5.6-1~deb13u2_armel.deb
 589c349f8f36a3ff3b7f4d78c612d41d1d39260d 1953692 libssl3t64_3.5.6-1~deb13u2_armel.deb
 515e3ca0f0c8b090f1e1ce87e705af7eb5a28158 734508 openssl-dbgsym_3.5.6-1~deb13u2_armel.deb
 927777a2b7c756d618ac672fd082bcc2ce5d41fa 1539620 openssl-provider-fips-dbgsym_3.5.6-1~deb13u2_armel.deb
 e349110f700e8327349c7cbd26037c408b03106b 861156 openssl-provider-fips_3.5.6-1~deb13u2_armel.deb
 824bda80b9516c331ae772992eb86c0f356ecd5e 93020 openssl-provider-legacy-dbgsym_3.5.6-1~deb13u2_armel.deb
 805aa04a9c62a1903d6ef7d59bd2c6477eba83cd 304324 openssl-provider-legacy_3.5.6-1~deb13u2_armel.deb
 5c9f92eb8fe9735ae729af82ac3b803dff980702 8659 openssl_3.5.6-1~deb13u2_armel-buildd.buildinfo
 8d1c49a72b3ea873f8199e096713c3af514a8f02 1461696 openssl_3.5.6-1~deb13u2_armel.deb
Checksums-Sha256:
 a231100bfb2d70f4c93beaf3e2617d1b533323f3f438c87d18ade91bc1569837 1506708 libcrypto3-udeb_3.5.6-1~deb13u2_armel.udeb
 573799dc91b994969a9596274a80dd779af8878927a7a37e6220c6fbf01980da 2537620 libssl-dev_3.5.6-1~deb13u2_armel.deb
 d6f35ff37654336cd137fdca043c1b8f70609d75bdc58061d86db5f1cab9c748 317044 libssl3-udeb_3.5.6-1~deb13u2_armel.udeb
 8778569876baa51fbfb667fe0de26a781f00105920792120a0b0e074e2486224 5787176 libssl3t64-dbgsym_3.5.6-1~deb13u2_armel.deb
 640d536c30a3730b4058e88c66871f2b764c2b3b05b8a1b99936963d5ed74bdb 1953692 libssl3t64_3.5.6-1~deb13u2_armel.deb
 563bb031448a383703809ba35f769b2ca8308737d96e86186462ad50f67f2621 734508 openssl-dbgsym_3.5.6-1~deb13u2_armel.deb
 f3d6127c3d9c22193e4cfed4ac13241e8bc9b4274377d36de1bcea54e3650921 1539620 openssl-provider-fips-dbgsym_3.5.6-1~deb13u2_armel.deb
 f1da6804a4da37838f912e0ffed81eba923a0c6c9132b317b19b2082b412fde2 861156 openssl-provider-fips_3.5.6-1~deb13u2_armel.deb
 74256ed5d474f2419210016002d8b3fbb09d15b695a9fc4515b55b9901425708 93020 openssl-provider-legacy-dbgsym_3.5.6-1~deb13u2_armel.deb
 f0fab9ce2f2cfb1813ce1764a8badca4c08c879efa6bb3f4288ebc9474ced550 304324 openssl-provider-legacy_3.5.6-1~deb13u2_armel.deb
 1f13a6722128d4dbc11852bede4dfa5e05417d311377e6a024b1df6c91a23ecf 8659 openssl_3.5.6-1~deb13u2_armel-buildd.buildinfo
 20d4975254931b7afbf103f9ae8cb34826074424da61fe39e1c1eebe0f329ab7 1461696 openssl_3.5.6-1~deb13u2_armel.deb
Files:
 0f50bda6bdff30e73cea30470e2858e6 1506708 debian-installer optional libcrypto3-udeb_3.5.6-1~deb13u2_armel.udeb
 942b0e1a4c8f49c7779e0ddf04ae98e2 2537620 libdevel optional libssl-dev_3.5.6-1~deb13u2_armel.deb
 4fd694e6729d7292583ad669bc4cfd45 317044 debian-installer optional libssl3-udeb_3.5.6-1~deb13u2_armel.udeb
 6e30757fb69a9581b4d58f43f7ed01db 5787176 debug optional libssl3t64-dbgsym_3.5.6-1~deb13u2_armel.deb
 dd312e9f750defd75e75c3ac55063b77 1953692 libs optional libssl3t64_3.5.6-1~deb13u2_armel.deb
 35933ac97fece9f23e265a59a10d269e 734508 debug optional openssl-dbgsym_3.5.6-1~deb13u2_armel.deb
 07540b1a7b6c96098f9ab92431d2613f 1539620 debug optional openssl-provider-fips-dbgsym_3.5.6-1~deb13u2_armel.deb
 df9f8cb31ef5de70da55f046bcead941 861156 utils optional openssl-provider-fips_3.5.6-1~deb13u2_armel.deb
 97581ac5a045518e01ac8c1ebc964ebf 93020 debug optional openssl-provider-legacy-dbgsym_3.5.6-1~deb13u2_armel.deb
 f39797710f64247fb3f138ed7f2a97ae 304324 utils optional openssl-provider-legacy_3.5.6-1~deb13u2_armel.deb
 1518a585a51035b9a3f97aab88288318 8659 utils optional openssl_3.5.6-1~deb13u2_armel-buildd.buildinfo
 ba24c2440e90206fccba9a6c1a98f5e0 1461696 utils optional openssl_3.5.6-1~deb13u2_armel.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE2kd8oHy+LXk/nybqvzDqKQSGl8UFAmokmV4ACgkQvzDqKQSG
l8VAVw//WMQaq1o0fMMb5kfZI7l/PS7JF3zR+ts8JIQbo/kIdIVhoozDnfRtHN5E
EkR8iKJsRReLyza4DnP/Kt51FPLCEK67Reb59w6HxjXC2v1+i4DOcrSVDdhthNHc
GhksoJdiY49mk0Q5f/O+hbQC4mMN+MJw2pfEP4xvJHR/FViM1R+3+mIMP2r1okOS
G/xCY3qGMhf++cqJlDs4Qmc3wFL7VUEm/FlpMO85HdF0T8SbeGEu2M4BUWkPfuxd
6gSLWFLYzmhImJIKxUTjrZCUUdoupQi2pHDpIetzApJfX0WlAG7l863joLO4a7we
4Okcc6iOu5+IvumSp+WEi2rnNIcnvaLFdj8ImKi1vpg3LeSDC/vhUGCu0XwykdjJ
129+AtB4VjYpFuOr0kV4k1Cp6obLSvEyQta/2NYm88UaByEYT2UDCvO8L0YUOF7/
mgDk28MN49SgiFf2aWgWxxbSonrbGGiHhekEV3KVDPW7hs52O+6Wcxw5ehfA6u6Y
JFO1roIwHGu2H3TP4XPUY1wkKu7uNbrWY3tABBrsinZsfIfAO27MAm33AzSsKihs
qlskn5QbmdHFF3NFUg75ZLPDQI/3YjpNTI7QLwau6gGmiIExCw9QDEdU24fBEJRH
3v0p1gyEPT+OjK1w4GGbFqhc/5P7DwEUVXBnLebKCxxJ4+m3Ep0=
=Ixg2
-----END PGP SIGNATURE-----