-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 06 Jun 2026 21:56:20 +0200
Source: openssl
Binary: libcrypto3-udeb libssl-dev libssl3 libssl3-dbgsym libssl3-udeb openssl openssl-dbgsym
Architecture: i386
Version: 3.0.20-1~deb12u2
Distribution: bookworm-security
Urgency: medium
Maintainer: i386 Build Daemon (x86-grnet-01) <buildd_amd64-x86-grnet-01@buildd.debian.org>
Changed-By: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Description:
 libcrypto3-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl3    - Secure Sockets Layer toolkit - shared libraries
 libssl3-udeb - ssl shared library - udeb (udeb)
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
Changes:
 openssl (3.0.20-1~deb12u2) bookworm-security; urgency=medium
 .
   * CVE-2026-7383 ("Possible Heap Buffer Overflow in ASN.1 Multibyte String
     Conversion")
   * CVE-2026-9076 ("Out-of-Bounds Read in CMS Password-Based Decryption")
   * CVE-2026-34180 ("Heap Buffer Over-read in ASN.1 Content Parsing")
   * CVE-2026-34182 ("CMS AuthEnvelopedData Processing May Accept Forged
     Messages")
   * CVE-2026-42766 ("Possible NULL Dereference in Password-Based CMS
     Decryption")
   * CVE-2026-42770 ("FFC-DH Peer Validation Uses Attacker-Supplied q")
   * CVE-2026-45445 ("AES-OCB IV Ignored on EVP_Cipher() Path")
   * CVE-2026-45446 ("Incorrect Tag Processing for Empty Messages in
     AES-GCM-SIV and AES-SIV modes")
   * CVE-2026-45447 ("Heap Use-After-Free in OpenSSL PKCS7_verify()")
Checksums-Sha1:
 dba39208c0f7af9bc1892ad3ef2fcf6eaff96cf9 1517592 libcrypto3-udeb_3.0.20-1~deb12u2_i386.udeb
 b7e7539dad1ac10bdb2cf38b0457a6ed683bc78c 2503172 libssl-dev_3.0.20-1~deb12u2_i386.deb
 9f5532ce1aae55c5d17038353be135f000031061 3680636 libssl3-dbgsym_3.0.20-1~deb12u2_i386.deb
 737fc0e5c57a7a10130b941b4723f98aef42e020 238856 libssl3-udeb_3.0.20-1~deb12u2_i386.udeb
 28e589b73daa27172db175ceaaf8bdf54ff20654 2040268 libssl3_3.0.20-1~deb12u2_i386.deb
 02c69e52b0f21f21f2205832f9a5b8254b4219cd 597828 openssl-dbgsym_3.0.20-1~deb12u2_i386.deb
 45158e20bbb832eb056ea7ac1c936f6840b99a7c 7751 openssl_3.0.20-1~deb12u2_i386-buildd.buildinfo
 97482cad58498e0f959bd5bca1bee9557dae1cfb 1443212 openssl_3.0.20-1~deb12u2_i386.deb
Checksums-Sha256:
 66f76204424c5ecb6bd815d38c4f28169362e9834b7cf533e07f61f1218839c9 1517592 libcrypto3-udeb_3.0.20-1~deb12u2_i386.udeb
 9c5aef6ef3487a1b6e6dc80dba045c0a281165c31f48f4a8b7f2d7b3c6144cf9 2503172 libssl-dev_3.0.20-1~deb12u2_i386.deb
 1943fb7bde333aff90d07e3e1e03bf8a5592fe7847519cdc10f23012f7784e21 3680636 libssl3-dbgsym_3.0.20-1~deb12u2_i386.deb
 441ed26295482034255fb7d227318b2b3fdbd4818804894d1ed34505efecd287 238856 libssl3-udeb_3.0.20-1~deb12u2_i386.udeb
 dd62209dd6c12bb9240f4fab882b7d4e16e7d5f00f31304b8d9c35c5d431b662 2040268 libssl3_3.0.20-1~deb12u2_i386.deb
 35188fbc692ffe8bb9a154eaa3ed2040d58aee8b9d82b57564714a44a047c966 597828 openssl-dbgsym_3.0.20-1~deb12u2_i386.deb
 7f578d49786315f0e40895c3d5a698bf4bdb4d5070dc013db8872c7b39e49464 7751 openssl_3.0.20-1~deb12u2_i386-buildd.buildinfo
 490d07f87294221b7cb80b2aba2282ae8efd0c9cdec61f82b8cbe32f1bf9d8bd 1443212 openssl_3.0.20-1~deb12u2_i386.deb
Files:
 8d03d4d0a3025e54a0dacbdd3ded7ca0 1517592 debian-installer optional libcrypto3-udeb_3.0.20-1~deb12u2_i386.udeb
 b5544659e67443b56d4874b19d3ad2a3 2503172 libdevel optional libssl-dev_3.0.20-1~deb12u2_i386.deb
 3c18c81c24758d3b90c499ae70d36554 3680636 debug optional libssl3-dbgsym_3.0.20-1~deb12u2_i386.deb
 41659c9224d9f906e08b6185f6d59ed3 238856 debian-installer optional libssl3-udeb_3.0.20-1~deb12u2_i386.udeb
 02f9f52bdf09b9e43f2a46b902b859a8 2040268 libs optional libssl3_3.0.20-1~deb12u2_i386.deb
 3eb4eeb667b02f8ce0ccd0dc2c282994 597828 debug optional openssl-dbgsym_3.0.20-1~deb12u2_i386.deb
 c3189b1acd0ce7670f7463ada4b8d95b 7751 utils optional openssl_3.0.20-1~deb12u2_i386-buildd.buildinfo
 98b62c295778baef61088fc1efc6a8d5 1443212 utils optional openssl_3.0.20-1~deb12u2_i386.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEPAUaMA0H0rOy6qBWf2INRiCdaWIFAmokmYYACgkQf2INRiCd
aWJV1RAAnHI5ig+TDae6C/JCle57EiAhXS64Oq4f3WsClZFfCWRyV2OEz+Endcx7
PMQL1MjcpV8aGvxwx0hKnB7zTgGrlo4iCuj8LG2ot+w3ol/l9KzrdJLB5mCHtekW
BV4jDrBOIX1h1xzFE2LvA35Nd6ECdRhEQyD7guEIaxW9Vl6+rSMnRJF2/lwur+1x
b132ZZXhfWza6js5hSx1PV2JxgrQ/qmDbAXKsgimAWjjg2BI+Dab+ifDoL8oT7cZ
reReJ5owJXh10UzYdr/SuZFgX70nacRX7xEM579Drq/pwVPPgEcsWdLtx/sxXxtI
th2IMkX0+F7UuTN1dbdGshicsL9FJWQ05CPQMM01NrSfwFgZAyySO2BeFnqUUmRa
2agELHuixVE4OVUpIqfsH0koQim6ZmleVmKN7cImntpg92lzUjL6dr5Y9hQgIMaZ
0ZfD12IK6GuZWbPHOqTZAAJl2Mh4Gr4br5w0EqrKONJO+HKWL/U2BOcsSCDTcNaF
WNF6rRPKFrCz4xZ6NKNnLuM02u5BoYj46COdNyeZ07KEGHLHkcOCdj3loE9ZbJ7l
8m7465UKWVfe8lKlHR25m43WXeoFgeE3negPfrAkgblP/H7l6OyMHhkv4G41RhTf
WqZ9AaoVQK1mDAKqNRJ1z3Mh5Rau2mLh4bYh6f4AoM0oond4MCs=
=Ai5f
-----END PGP SIGNATURE-----