-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 24 Jan 2026 16:50:07 +0100
Source: openssl
Binary: libssl-doc
Architecture: all
Version: 3.5.4-1~deb13u2
Distribution: trixie-security
Urgency: medium
Maintainer: all Build Daemon (x86-grnet-02) <buildd_all-x86-grnet-02@buildd.debian.org>
Changed-By: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Description:
 libssl-doc - Secure Sockets Layer toolkit - development documentation
Changes:
 openssl (3.5.4-1~deb13u2) trixie-security; urgency=medium
 .
   * CVE-2025-11187 (Improper validation of PBMAC1 parameters in PKCS#12 MAC
     verification)
   * CVE-2025-15467 (Stack buffer overflow in CMS AuthEnvelopedData parsing)
   * CVE-2025-15468 (NULL dereference in SSL_CIPHER_find() function on unknown
     cipher ID)
   * CVE-2025-15469 ("openssl dgst" one-shot codepath silently truncates inputs
     >16MB)
   * CVE-2025-66199 (TLS 1.3 CompressedCertificate excessive memory allocation)
   * CVE-2025-68160 (Heap out-of-bounds write in BIO_f_linebuffer on short
     writes)
   * CVE-2025-69418 (Unauthenticated/unencrypted trailing bytes with low-level
     OCB function calls)
   * CVE-2025-69419 (Out of bounds write in PKCS12_get_friendlyname() UTF-8
     conversion)
   * CVE-2025-69420 (Missing ASN1_TYPE validation in TS_RESP_verify_response()
     function)
   * CVE-2025-69421 (NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex
     function)
   * CVE-2026-22795 (Missing ASN1_TYPE validation in PKCS#12 parsing)
   * CVE-2026-22796 (ASN1_TYPE Type Confusion in the
     PKCS7_digest_from_attributes() function)
Checksums-Sha1:
 d110474cd243d1ef715fb79d5ba1a5c031cdb5b7 2233612 libssl-doc_3.5.4-1~deb13u2_all.deb
 9c8cfd91a95e06cfd5a4b087927442e0891e3d39 5597 openssl_3.5.4-1~deb13u2_all-buildd.buildinfo
Checksums-Sha256:
 a8cc87ded737e1f119e8db14a88bace206ae7feb995e3b7d4a49cf6a09a96b7e 2233612 libssl-doc_3.5.4-1~deb13u2_all.deb
 6c141ac86cfd34659ad923ae0d23c56dceaf642a4597870bd4b8521d6c3fa8b8 5597 openssl_3.5.4-1~deb13u2_all-buildd.buildinfo
Files:
 b68e7445c008e2ca3d01283bce6ef154 2233612 doc optional libssl-doc_3.5.4-1~deb13u2_all.deb
 8f1b83bfcc50402a1bd3bca537873376 5597 utils optional openssl_3.5.4-1~deb13u2_all-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEj4Fym5GgeZdPqKhrJm69HxMTN+oFAml09B0ACgkQJm69HxMT
N+pB3xAAnKVTZ7aw7ons8up58zzolKmxDsZ5YQ05sR97C34MCzFCfrDfy2or9V30
oeJo+di6/rt+6vi4bVXutPUB6NQE3f+d0gy+RjUsfALvNj+AnQ0Au2e83JVJOL93
3IiVM8A9XK9UB/Pw4JHOOxLyWNYAQTHN5Vg7LJHwyfoRNUrbgDV4cIFRZEelEj4O
NJNg6VTFk1G1jbBGqlcsfCcjL1CIZXJJN8SUvHiW7SVNpz8LwB/mZ3QQ/4hDAy1V
N2Sx6C4WLhzePQBgNTxGtRi2dZCE10NZYKvq1bNIzxSCtV8uVanfKtyVGvEZKRZg
uhgiBuXGwmgnw3+AJWeFpk14ODvYUOV5WWI2E54Na3y9ILquvhlG43eEa4M9pNv4
OUea8s8aUkAo7fby5Z1hpeh7o6Nw+Yw8AnUuV9UgSuGmhshFyQ0tjfgYtAV6QG1o
wZGUEsrYRbJeQrNLQSuIrZTg8ap/0qVClt5AZPIqKLDdD99N5NqWT5j6cOtjwVTH
wGFZ09hEJc441S0oCAwoK7yRB1903uCX9fDukK87QlCjJ2aVXhASHTEfjBKb2CBB
yJJTRCzIEq5+e157FkGMrv7Zl9kpfW+LaX+2cZ5wXg75CCbJNFU2oy3DQXJJwKos
NJ2We002T8mwjJHkqkgFAIJ+78wKC98mfbJc9nVoWvxJd7e+1f0=
=cUbz
-----END PGP SIGNATURE-----