Bug#1065413: marked as done (bookworm-pu: package openssl/3.0.13-1~deb12u1)

To: Jonathan Wiltshire <jmw@coccia.debian.org>
Subject: Bug#1065413: marked as done (bookworm-pu: package openssl/3.0.13-1~deb12u1)
From: "Debian Bug Tracking System" <owner@bugs.debian.org>
Date: Sat, 29 Jun 2024 10:53:34 +0000
Message-id: <[🔎] handler.1065413.D1065413.17196579831195155.ackdone@bugs.debian.org>
Reply-to: 1065413@bugs.debian.org
References: <E1sNVay-002bax-W2@coccia.debian.org> <20240304063821.phCTvkRp@breakpoint.cc>

Your message dated Sat, 29 Jun 2024 10:46:16 +0000
with message-id <E1sNVay-002bax-W2@coccia.debian.org>
and subject line Released with 12.6
has caused the Debian Bug report #1065413,
regarding bookworm-pu: package openssl/3.0.13-1~deb12u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1065413: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065413
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: submit@bugs.debian.org
Subject: bookworm-pu: package openssl/3.0.13-1~deb12u1
From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Date: Mon, 4 Mar 2024 07:38:21 +0100
Message-id: <20240304063821.phCTvkRp@breakpoint.cc>

Package: release.debian.org
Control: affects -1 + src:openssl
X-Debbugs-Cc: openssl@packages.debian.org
User: release.debian.org@packages.debian.org
Usertags: pu
Tags: bookworm
X-Debbugs-Cc: sebastian@breakpoint.cc
Severity: normal

This is an update to the current stable OpenSSL release in the 3.0.x
series. It addresses the following CVE reports which were postponed due
to low severity:

- CVE-2023-5678 (Fix excessive time spent in DH check / generation with
  large Q parameter value)
- CVE-2023-6129 (POLY1305 MAC implementation corrupts vector registers on
  PowerPC)
- CVE-2023-6237 (Excessive time spent checking invalid RSA public keys)
- CVE-2024-0727 (PKCS12 Decoding crashes)

I'm not aware of a problems/ regression at this point. During the upload
of 3.1.x release to upstable at the time m2crypto and nodejs failed to
build. I verified that m2crypto in stable and nodejs in stable-security
build against this version of openssl.

Sebastian

--- End Message ---

--- Begin Message ---

To: 1065413-done@bugs.debian.org

Subject: Released with 12.6

From: Jonathan Wiltshire <jmw@coccia.debian.org>

Date: Sat, 29 Jun 2024 10:46:16 +0000

Message-id: <E1sNVay-002bax-W2@coccia.debian.org>
Version: 12.6

The upload requested in this bug has been released as part of 12.6.
--- End Message ---

Reply to:

Prev by Date: Bug#1065326: marked as done (bookworm-pu: package python3.11/3.11.2-6+deb12u1)
Next by Date: Bug#1065376: marked as done (bookworm-pu: package libxml-stream-perl/1.24-4+deb12u1)
Previous by thread: Bug#1065326: marked as done (bookworm-pu: package python3.11/3.11.2-6+deb12u1)
Next by thread: Bug#1065376: marked as done (bookworm-pu: package libxml-stream-perl/1.24-4+deb12u1)
Index(es):
- Date
- Thread