-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 03 Apr 2026 14:29:32 +0200 Source: openssl Architecture: source Version: 3.0.19-1~deb12u2 Distribution: bookworm-security Urgency: medium Maintainer: Debian OpenSSL Team Changed-By: Sebastian Andrzej Siewior Changes: openssl (3.0.19-1~deb12u2) bookworm-security; urgency=medium . * CVE-2026-28387 ("Potential use-after-free in DANE client code") * CVE-2026-28389 ("Possible NULL dereference when processing CMS KeyAgreeRecipientInfo") * CVE-2026-28390 ("Possible NULL dereference when processing CMS KeyTransportRecipient Info") * CVE-2026-31789 ("Heap buffer overflow in hexadecimal conversion") * CVE-2026-31790 ("Incorrect failure handling in RSA KEM RSASVE encapsulation") Checksums-Sha1: f1b3bf6e2a78270e03baf46f567e122ff1b0004f 2539 openssl_3.0.19-1~deb12u2.dsc 4455564a4d5ce5d312e28377e35420d6357a66ee 15280904 openssl_3.0.19.orig.tar.gz 4b8b1ab445f8ba3223a03995b654b1df1161cfcb 833 openssl_3.0.19.orig.tar.gz.asc 8b0d593a142dcd75fcf27e48b63a9da6ff63e31f 65088 openssl_3.0.19-1~deb12u2.debian.tar.xz Checksums-Sha256: 41e248cd9117c13ab0b7fdd2b54451630697c07bf2428dba2cc604e397d79fe6 2539 openssl_3.0.19-1~deb12u2.dsc fa5a4143b8aae18be53ef2f3caf29a2e0747430b8bc74d32d88335b94ab63072 15280904 openssl_3.0.19.orig.tar.gz 06da7f8f3e4663f58aaa86001923077b0fc98ebffe0673e1d2d733b0f0405d68 833 openssl_3.0.19.orig.tar.gz.asc 0c6c01d2a92f6b5f02fed230047461d2e8069f0112505686f51e4c9c8d8d5b8d 65088 openssl_3.0.19-1~deb12u2.debian.tar.xz Files: 8a3c669f67e2e5df3d60a2ba50824110 2539 utils optional openssl_3.0.19-1~deb12u2.dsc b0da2db1060860c122f910ee106ed4ba 15280904 utils optional openssl_3.0.19.orig.tar.gz e44b187c0fe7b4f81b6238fccfaa1106 833 utils optional openssl_3.0.19.orig.tar.gz.asc 105c376cf1375359faa51dbd45cdb1ae 65088 utils optional openssl_3.0.19-1~deb12u2.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQGzBAEBCgAdFiEEV4kucFIzBRM39v3RBWQfF1cS+lsFAmnP1/IACgkQBWQfF1cS +luu5QwAnPWruTQU71Td/ekMkf+bQKLR+Am4/3TQGjFOZjlRgYO5V+EAIiRcsEWp RHcvhmeJr9Exr9gdiAxnBbFx8Q/lormeD4vFqxGVDKxOngnHh0PZ0oavxUARdmLy Qj/mQsccNa0yMc8AUPwfoDAJXlEy4CoiGlY+KnVGVlGC8+++CZVLykLViZfotvfS yjqo7Z1Ua5Ir4yhmZ7ufgt+zpg9c1XvS6EkUOTl+ORxC8ZfMB6qHgQCfzlvD3Qml EGzE2qWFwcj7N7h4iRuESf/KBCMmO0uWR7qSfD1vddkG6XXSHEMKJdocMqEAthH3 VXd//Grm9nGHRTYbRNTVXTTPkBujCNKi3GNEAaFqqVZuiY/kbcMovkqecd7jZvXp 7h5sycIVJnzaKTcoIMryajkZX/MAq2bIdHdJQH32E+uHH5NVhk5Ca4cbS19qMIIv wVFIpVkDpCWCFpRITAmVMX3fk0+wxjdVPkHTom1Exh/JMznxxBHxjUww5OkRYABA X2wkMq6O =11wL -----END PGP SIGNATURE-----