-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 03 Apr 2026 12:05:32 +0200 Source: openssl Binary: libcrypto3-udeb libssl-dev libssl3-udeb libssl3t64 libssl3t64-dbgsym openssl openssl-dbgsym openssl-provider-fips openssl-provider-fips-dbgsym openssl-provider-legacy openssl-provider-legacy-dbgsym Architecture: i386 Version: 3.5.5-1~deb13u2 Distribution: trixie-security Urgency: medium Maintainer: amd64 / i386 Build Daemon (x86-ubc-02) Changed-By: Sebastian Andrzej Siewior Description: libcrypto3-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb) libssl-dev - Secure Sockets Layer toolkit - development files libssl3-udeb - ssl shared library - udeb (udeb) libssl3t64 - Secure Sockets Layer toolkit - shared libraries openssl - Secure Sockets Layer toolkit - cryptographic utility openssl-provider-fips - Secure Sockets Layer toolkit - cryptographic utility openssl-provider-legacy - Secure Sockets Layer toolkit - cryptographic utility Closes: 1130650 Changes: openssl (3.5.5-1~deb13u2) trixie-security; urgency=medium . * CVE-2026-2673 ("OpenSSL TLS 1.3 server may choose unexpected key agreement group") (Closes: #1130650). * CVE-2026-28387 ("Potential use-after-free in DANE client code") * CVE-2026-28389 ("Possible NULL dereference when processing CMS KeyAgreeRecipientInfo") * CVE-2026-28390 ("Possible NULL dereference when processing CMS KeyTransportRecipient Info") * CVE-2026-31789 ("Heap buffer overflow in hexadecimal conversion") * CVE-2026-31790 ("Incorrect failure handling in RSA KEM RSASVE encapsulation") Checksums-Sha1: 8601d0d8424866338d03be81e313c059be86ca55 1946320 libcrypto3-udeb_3.5.5-1~deb13u2_i386.udeb 580b01437676cdae63ef7bef9547f3363f72d198 3003364 libssl-dev_3.5.5-1~deb13u2_i386.deb 8acc5f1c0071c5e8a47d82f2efc57d3d5394c8fa 417148 libssl3-udeb_3.5.5-1~deb13u2_i386.udeb 8d9fb5e6ed216577784e5da50d407ecff983b024 4862156 libssl3t64-dbgsym_3.5.5-1~deb13u2_i386.deb c01c095f055d54068106937657ac8b28cb36405a 2428032 libssl3t64_3.5.5-1~deb13u2_i386.deb 60c2f8ac75c9ea502fdff81eed3a6e0596dd2019 647032 openssl-dbgsym_3.5.5-1~deb13u2_i386.deb 251febffb6f1790a20536dc6fa01e828c8636de1 1304396 openssl-provider-fips-dbgsym_3.5.5-1~deb13u2_i386.deb 84b884345f19ba89b547e7d1ef91563222252aaf 1002788 openssl-provider-fips_3.5.5-1~deb13u2_i386.deb 73700285801979c81431103e6341e0eed27aea51 69624 openssl-provider-legacy-dbgsym_3.5.5-1~deb13u2_i386.deb b01a65969d9ae7d7c3c98536051d3e0af192c928 307036 openssl-provider-legacy_3.5.5-1~deb13u2_i386.deb 80b0f3993ecfa8abe5352375dc3892e96db8fed4 8666 openssl_3.5.5-1~deb13u2_i386-buildd.buildinfo 812f033a26c9be3223eea86d751a681ef9d16904 1503912 openssl_3.5.5-1~deb13u2_i386.deb Checksums-Sha256: 55daa2704029e401aaa4333380d83e3a3f0fc2e3e46eebca083c5f76aa0b2501 1946320 libcrypto3-udeb_3.5.5-1~deb13u2_i386.udeb 6433f1467be074dc79e51b24b486cf2a39804762188ba9819bfca38c37af0323 3003364 libssl-dev_3.5.5-1~deb13u2_i386.deb 86ab7aa329cb555f95f07669384873a29c8c19442f1b4423a23647f35b0bdd30 417148 libssl3-udeb_3.5.5-1~deb13u2_i386.udeb f5b3cd072c5b8d08da103b8a68d1405d26e7b99ab5d221fc25753cb59f450cf4 4862156 libssl3t64-dbgsym_3.5.5-1~deb13u2_i386.deb 3ca64d004550d5ed9511c64bb3ff3fede474ba499877ee57d49d9d2b36044d56 2428032 libssl3t64_3.5.5-1~deb13u2_i386.deb 38217aa500204b75ccc96d6acf5dea9a4de7f063b4a5433bb768f6d2fb0d1bd5 647032 openssl-dbgsym_3.5.5-1~deb13u2_i386.deb 832d5760727fb8017abd5f9c899e8109052a34890b86deff42b406512f4c2448 1304396 openssl-provider-fips-dbgsym_3.5.5-1~deb13u2_i386.deb a5a41fd11c59ff1bee0afb57c39cc58973dcb6b6b7eab9be7caf01e86760ca33 1002788 openssl-provider-fips_3.5.5-1~deb13u2_i386.deb 740d7dc4458a822d2f073a35380fe7fa39d8a0e888c3992feb682054e17e42a2 69624 openssl-provider-legacy-dbgsym_3.5.5-1~deb13u2_i386.deb 58a205f8ab36bddc092863b59a7bcef82f3e2e50d7212a05bc57c31c7bc90b5c 307036 openssl-provider-legacy_3.5.5-1~deb13u2_i386.deb 857c8c039294c0157a46d8e7542e48656f375c196d203adc7cb90a4cbe9e2398 8666 openssl_3.5.5-1~deb13u2_i386-buildd.buildinfo 983b5c2f766c583ea39baa21f63eb7e15ab6fc73f20cb884d7aabca33b126dbf 1503912 openssl_3.5.5-1~deb13u2_i386.deb Files: 54129d5539cd00134d9987d71363df1f 1946320 debian-installer optional libcrypto3-udeb_3.5.5-1~deb13u2_i386.udeb 26b9442c50046dd76970d2ac37a818a8 3003364 libdevel optional libssl-dev_3.5.5-1~deb13u2_i386.deb b00fd4f057e4cea29a9a4fec83ded8b2 417148 debian-installer optional libssl3-udeb_3.5.5-1~deb13u2_i386.udeb 80b725121caca2b0a5eec0e1daab2cc6 4862156 debug optional libssl3t64-dbgsym_3.5.5-1~deb13u2_i386.deb 5e7a1a948ac9e4496a9cf5b5da11a5e8 2428032 libs optional libssl3t64_3.5.5-1~deb13u2_i386.deb 793aaaf0e8b5e694aa311ded9e6447d8 647032 debug optional openssl-dbgsym_3.5.5-1~deb13u2_i386.deb 7fd7acb1e35d06a2d0588209619ab444 1304396 debug optional openssl-provider-fips-dbgsym_3.5.5-1~deb13u2_i386.deb 00e8770c18c912d6d771a00406ad1012 1002788 utils optional openssl-provider-fips_3.5.5-1~deb13u2_i386.deb 7f8875c308a17d34efa2b2274c01c983 69624 debug optional openssl-provider-legacy-dbgsym_3.5.5-1~deb13u2_i386.deb 92b3a8d96c6e650c04c50a261056857c 307036 utils optional openssl-provider-legacy_3.5.5-1~deb13u2_i386.deb 72c660d7965db473eb97a3612a938c6c 8666 utils optional openssl_3.5.5-1~deb13u2_i386-buildd.buildinfo b36a4a3cb9bbec7175b213e373b126b7 1503912 utils optional openssl_3.5.5-1~deb13u2_i386.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEb5EwsJvHBEjqIJYIbheoBegwXLIFAmnP4N0ACgkQbheoBegw XLKuxw//RPaN0SWw3MoE9wCXtUqPeJlHPWX6rRpLj6dmxhaJ97hS1DvFDAHA6Fei rnvSX9fJQfTU4zU0clMT/DfwYYyVjmRq138Y6wLkCdpUtCGyHhR83tzM5JLEceou rSsVixaP73wOtxV7tXXCfofBEKlotvbtEoZiV08E0eSlkYK0i5SI/86qW4B61f8Z joUMuR3iY/y/Knkt+v7Ian8EjAtJLMd0vsHv03T402MVlfB6/PLIoQsQ/m2Dj2bz q1X9KuR5PvNVStlgrWlXIcFOOhkFkWo2YH4ai0mz7aZzpW1Rlxk4Ar7H2fgsXKKe cTBZuqTdP+w3h1vbcef8/ctzAMxgjJNF+53q6IBOxLR5MUDSLWrItniANVHbL7HP 5oEG7hytAKzaXXXlxJyaju8hZnjDJ23RiGb2F1/7rIrf2xizQ2Dl0hkT994K7W0g COKWZstiZN9CbrSN8er4Rq2ZYq33X57TsrrcywlymztAFDzrBF2xbcS/88dJHUNG /v1XCF/TKvSx7bOmt/KtRm4FG5hkfTEywY4aswk/ME9OQS8S0O6Flw2uI7H3xAG2 4AiOHkSpfiBxLkwa2T+dyRV2fsDXpy9s6/Mk1feQbnQ9E44jmWqhzvgEy06bHNnW T5iMGhocvXxLB6fWh8zabnxzL9YJMNNG+mQwj9vT/F01Z5IuFwM= =t1NO -----END PGP SIGNATURE-----