-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 24 Jan 2026 16:50:07 +0100
Source: openssl
Binary: libcrypto3-udeb libssl-dev libssl3-udeb libssl3t64 libssl3t64-dbgsym openssl openssl-dbgsym openssl-provider-fips openssl-provider-fips-dbgsym openssl-provider-legacy openssl-provider-legacy-dbgsym
Architecture: ppc64el
Version: 3.5.4-1~deb13u2
Distribution: trixie-security
Urgency: medium
Maintainer: ppc64el Build Daemon (ppc64el-osuosl-02) <buildd_ppc64el-ppc64el-osuosl-02@buildd.debian.org>
Changed-By: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Description:
 libcrypto3-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl3-udeb - ssl shared library - udeb (udeb)
 libssl3t64 - Secure Sockets Layer toolkit - shared libraries
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
 openssl-provider-fips - Secure Sockets Layer toolkit - cryptographic utility
 openssl-provider-legacy - Secure Sockets Layer toolkit - cryptographic utility
Changes:
 openssl (3.5.4-1~deb13u2) trixie-security; urgency=medium
 .
   * CVE-2025-11187 (Improper validation of PBMAC1 parameters in PKCS#12 MAC
     verification)
   * CVE-2025-15467 (Stack buffer overflow in CMS AuthEnvelopedData parsing)
   * CVE-2025-15468 (NULL dereference in SSL_CIPHER_find() function on unknown
     cipher ID)
   * CVE-2025-15469 ("openssl dgst" one-shot codepath silently truncates inputs
     >16MB)
   * CVE-2025-66199 (TLS 1.3 CompressedCertificate excessive memory allocation)
   * CVE-2025-68160 (Heap out-of-bounds write in BIO_f_linebuffer on short
     writes)
   * CVE-2025-69418 (Unauthenticated/unencrypted trailing bytes with low-level
     OCB function calls)
   * CVE-2025-69419 (Out of bounds write in PKCS12_get_friendlyname() UTF-8
     conversion)
   * CVE-2025-69420 (Missing ASN1_TYPE validation in TS_RESP_verify_response()
     function)
   * CVE-2025-69421 (NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex
     function)
   * CVE-2026-22795 (Missing ASN1_TYPE validation in PKCS#12 parsing)
   * CVE-2026-22796 (ASN1_TYPE Type Confusion in the
     PKCS7_digest_from_attributes() function)
Checksums-Sha1:
 6d3d6cc840bce76254c0988559933de0cb246a3e 2049328 libcrypto3-udeb_3.5.4-1~deb13u2_ppc64el.udeb
 2f89252f1f17f9dc9e04341b1cfb05b70875639d 3125408 libssl-dev_3.5.4-1~deb13u2_ppc64el.deb
 9abcb579efd38d4e6236158ddda1477897f912dc 402896 libssl3-udeb_3.5.4-1~deb13u2_ppc64el.udeb
 be89ccc2a5ec9a9c342fe92df0c034251af6ca11 6252952 libssl3t64-dbgsym_3.5.4-1~deb13u2_ppc64el.deb
 cb5b0c95ab5c75c26546c9c128a78328d6e099bc 2504176 libssl3t64_3.5.4-1~deb13u2_ppc64el.deb
 b3d315005088e9200eb1fc699578d07e2b39bad9 779408 openssl-dbgsym_3.5.4-1~deb13u2_ppc64el.deb
 97879838014006f30c9093a49f52ba61cf1fea2f 1780200 openssl-provider-fips-dbgsym_3.5.4-1~deb13u2_ppc64el.deb
 a636dd8760c008316a1a5f44b2e333cd25f1d6be 1074476 openssl-provider-fips_3.5.4-1~deb13u2_ppc64el.deb
 a93c9072c6a1067f5038ccb6ca7d0326018094c8 98520 openssl-provider-legacy-dbgsym_3.5.4-1~deb13u2_ppc64el.deb
 2bcf8a906ea5b7986a6affea109e45806f6fda85 309000 openssl-provider-legacy_3.5.4-1~deb13u2_ppc64el.deb
 30e2aec00b7edf3612166eee9605dc1dd9d170a2 8837 openssl_3.5.4-1~deb13u2_ppc64el-buildd.buildinfo
 1b74b91bc89c378ac548f33e6cb196443e1854a2 1493676 openssl_3.5.4-1~deb13u2_ppc64el.deb
Checksums-Sha256:
 a0214fb08e2b54e698c7f633337d30039dcc75c06ea14fe8b45111057fdacf5a 2049328 libcrypto3-udeb_3.5.4-1~deb13u2_ppc64el.udeb
 d125bb23315596bea849e6e0ffa424c5517a3a29e372c02f7b55e197afdeca32 3125408 libssl-dev_3.5.4-1~deb13u2_ppc64el.deb
 fb4ad49a86562026df671f8d860b1cfe5ff2799eb3de7a44711b4ca1904e3651 402896 libssl3-udeb_3.5.4-1~deb13u2_ppc64el.udeb
 f7995b6b9d51ee9962603868bd435f8d5a284727a1b4a1f5155e3d0051192f7b 6252952 libssl3t64-dbgsym_3.5.4-1~deb13u2_ppc64el.deb
 cc6ec9ebe696b2e113ca7b24f1bdfa34de9bbfbad8c1f80083d5a77627475aa1 2504176 libssl3t64_3.5.4-1~deb13u2_ppc64el.deb
 93f232a68c4705bdd730f4f9dc405bb8dfc12842b59ff9d86eecf2ee760c3e0e 779408 openssl-dbgsym_3.5.4-1~deb13u2_ppc64el.deb
 181cc579f4ad070d4de431c8cd4a97867da86167aa16d2db159242183a6b7bf2 1780200 openssl-provider-fips-dbgsym_3.5.4-1~deb13u2_ppc64el.deb
 bcdd10d46abb6ad954399785082a6b5ae0713576e9e7f890556ba978b9f79b83 1074476 openssl-provider-fips_3.5.4-1~deb13u2_ppc64el.deb
 a5afa3d3bb8c6a606aa1e2bc32767f60cc2ecfa111928eaf1a2ee4949173736d 98520 openssl-provider-legacy-dbgsym_3.5.4-1~deb13u2_ppc64el.deb
 37bad1a0ecb7727cb1adfa6f077144d36febc4ea6ce9606271c2a284e03fdc59 309000 openssl-provider-legacy_3.5.4-1~deb13u2_ppc64el.deb
 0cb780709b22a0d19e965aea48597579e0436a3bfc1415b232e0723299b3b1bd 8837 openssl_3.5.4-1~deb13u2_ppc64el-buildd.buildinfo
 41790a030f98725f4aff4d51d43c3ef6aa1d166fade931c44bfe2b25ddb38c49 1493676 openssl_3.5.4-1~deb13u2_ppc64el.deb
Files:
 576f0ba06ebeb3161fd0c8f0e0e08778 2049328 debian-installer optional libcrypto3-udeb_3.5.4-1~deb13u2_ppc64el.udeb
 0a9e4e519d23f6eed35d020ded2b71ad 3125408 libdevel optional libssl-dev_3.5.4-1~deb13u2_ppc64el.deb
 75194037f18e1e58cf0383f59e25c4d4 402896 debian-installer optional libssl3-udeb_3.5.4-1~deb13u2_ppc64el.udeb
 4f4e0e33cb463e1ae09f727f67746200 6252952 debug optional libssl3t64-dbgsym_3.5.4-1~deb13u2_ppc64el.deb
 dabe3e9fc0dc9ee6cffd6cd6dac6f152 2504176 libs optional libssl3t64_3.5.4-1~deb13u2_ppc64el.deb
 8e765c956a91353fa9717a7127ea8e00 779408 debug optional openssl-dbgsym_3.5.4-1~deb13u2_ppc64el.deb
 b1c5ee8a41d9b8eb1dd8f5cef3329655 1780200 debug optional openssl-provider-fips-dbgsym_3.5.4-1~deb13u2_ppc64el.deb
 12607295fd168c6461380d87cd5603ad 1074476 utils optional openssl-provider-fips_3.5.4-1~deb13u2_ppc64el.deb
 9362489d0b695dac180f606dacb6a144 98520 debug optional openssl-provider-legacy-dbgsym_3.5.4-1~deb13u2_ppc64el.deb
 c2074d400466e18ddf9c48a046614366 309000 utils optional openssl-provider-legacy_3.5.4-1~deb13u2_ppc64el.deb
 2fd5a22002eb72e80b5b102f3069dfd3 8837 utils optional openssl_3.5.4-1~deb13u2_ppc64el-buildd.buildinfo
 448b0ad2c9c026a65917292b88e783fb 1493676 utils optional openssl_3.5.4-1~deb13u2_ppc64el.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEYo4fOZBRi9qmvTxH1PowSTJ8+YQFAml0+JoACgkQ1PowSTJ8
+YQaWg/+JcU9EBNNLlkWcSmBXKsvvVyOvUR+rjDCU7aKiyiSt9eX8wgUN4FCltff
TxajvDBLnf3Ai2SrBBfSu4pIiDy5YHFYd1wTjQ1SuVXS5gQSTWYSLc57NoJbQJoJ
Ma5T0pe8xBCkXDCewMG28AQzLjq09ddk8CTuBrQog6Tk/jDqA+TarCIBhPJqwQGK
mmzYNopvzzxxFf3tUTjBRpSBA0/x2ZGXbq/lexm5hwdAj3eibh/lZmHxDmb854d4
+LXXZHOMHr5JMTnImPIF4m+1WYZecMoJ9SMW2kt993jsyksgYoZxVw+m1jXmctNl
qXCmISI6TvmZxwrlv2lMvuQvdSzPje/ceDM1w84tHXMYO49gVe20abiyAozLJpBJ
mN2MmoFuFozTWsohhH+dQLeBGIvX5kHyCiJB8IyXfW9FCwH48QMIm8H/0rEqPuWi
tAeHjSqzmRKxowHX9O7cv5h8jELhHD9MPNONSJBv+TnDU4EuP9BytU9XDVizeiI/
YSY+5DGDA7GfaaQwL9vYfHRxGePzFPFcfHLp4IZR4PJumqRr8lmyZJGOxubW+J7a
ShP1EGh3ZJnqqz9+i94ftA651NR8v7rb6QGpC7/9F2UsACdwasX5Z11WJS04cB1B
kjE6zMYhMHdb6y4L2Vzl1JUeDroUmh5yU8N+VUMbCjjuHgxLFrM=
=MiWt
-----END PGP SIGNATURE-----