-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 03 Apr 2026 12:05:32 +0200
Source: openssl
Binary: libcrypto3-udeb libssl-dev libssl3-udeb libssl3t64 libssl3t64-dbgsym openssl openssl-dbgsym openssl-provider-fips openssl-provider-fips-dbgsym openssl-provider-legacy openssl-provider-legacy-dbgsym
Architecture: amd64
Version: 3.5.5-1~deb13u2
Distribution: trixie-security
Urgency: medium
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01) <buildd_amd64-x86-conova-01@buildd.debian.org>
Changed-By: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Description:
 libcrypto3-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl3-udeb - ssl shared library - udeb (udeb)
 libssl3t64 - Secure Sockets Layer toolkit - shared libraries
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
 openssl-provider-fips - Secure Sockets Layer toolkit - cryptographic utility
 openssl-provider-legacy - Secure Sockets Layer toolkit - cryptographic utility
Closes: 1130650
Changes:
 openssl (3.5.5-1~deb13u2) trixie-security; urgency=medium
 .
   * CVE-2026-2673 ("OpenSSL TLS 1.3 server may choose unexpected key agreement
     group") (Closes: #1130650).
   * CVE-2026-28387 ("Potential use-after-free in DANE client code")
   * CVE-2026-28389 ("Possible NULL dereference when processing CMS
     KeyAgreeRecipientInfo")
   * CVE-2026-28390 ("Possible NULL dereference when processing CMS
     KeyTransportRecipient Info")
   * CVE-2026-31789 ("Heap buffer overflow in hexadecimal conversion")
   * CVE-2026-31790 ("Incorrect failure handling in RSA KEM RSASVE
     encapsulation")
Checksums-Sha1:
 c20790550212285c39849af6a7a317e14c7b633f 2015604 libcrypto3-udeb_3.5.5-1~deb13u2_amd64.udeb
 522af25b9474b5498b1e843348a54f39c78b05c1 2954212 libssl-dev_3.5.5-1~deb13u2_amd64.deb
 a92fdfce47385291f0b22c509e5987c19865c5f8 371820 libssl3-udeb_3.5.5-1~deb13u2_amd64.udeb
 6a558d689170e0e8cfeb2575c329388d4fda9d70 6210564 libssl3t64-dbgsym_3.5.5-1~deb13u2_amd64.deb
 0ce2adefa6f6b4c08aa27a54f86b78cf67c1493c 2445272 libssl3t64_3.5.5-1~deb13u2_amd64.deb
 288e955b123c4668a364635e1d88595c6b3c73f0 744024 openssl-dbgsym_3.5.5-1~deb13u2_amd64.deb
 fa8788e35baf77a8e3a114eda77d76dea020d409 1827580 openssl-provider-fips-dbgsym_3.5.5-1~deb13u2_amd64.deb
 ae2e028eeb5d96c5196a1e967eff6ba7d9409e88 1103136 openssl-provider-fips_3.5.5-1~deb13u2_amd64.deb
 bb9b47ef5a02a7dd18915cb5f30d48acff246625 97780 openssl-provider-legacy-dbgsym_3.5.5-1~deb13u2_amd64.deb
 9259347580e15ad5b91d64e51ff97b3daadcc717 310940 openssl-provider-legacy_3.5.5-1~deb13u2_amd64.deb
 7ffd18c0b7fa06c728793a3b0c45d9e6b8aad9a1 8792 openssl_3.5.5-1~deb13u2_amd64-buildd.buildinfo
 12bafb01faca88403942e8cf5e53b60b465f0cd5 1500092 openssl_3.5.5-1~deb13u2_amd64.deb
Checksums-Sha256:
 d4448e079bb03b448a06851afd95b946a12873681500f2e7936300ea010aa834 2015604 libcrypto3-udeb_3.5.5-1~deb13u2_amd64.udeb
 9b09454696ca531080bc5187101d32c7f4ae8243065502cdfc8fa1c0a5658bb7 2954212 libssl-dev_3.5.5-1~deb13u2_amd64.deb
 746cca2a8a793db2fe1c83a1135da116d8c8c3c242e8684c54cc755b60f8af20 371820 libssl3-udeb_3.5.5-1~deb13u2_amd64.udeb
 c3ad39e3011d6c980395e51df80d81d2afd755d59980689dd2ef5d7bb825fc5a 6210564 libssl3t64-dbgsym_3.5.5-1~deb13u2_amd64.deb
 9d7946e9d5515c0bb86f080288c9894a4d68ba8cd1ad70149922187e12df30ab 2445272 libssl3t64_3.5.5-1~deb13u2_amd64.deb
 2a254e0b952e264950e59d3039cff04e4c7f4b1c302ad9144bd78aa58a314881 744024 openssl-dbgsym_3.5.5-1~deb13u2_amd64.deb
 8de520e08b8ca38587255424e03b5f0c9c11c788702dfa95ac284fc0cb34c35a 1827580 openssl-provider-fips-dbgsym_3.5.5-1~deb13u2_amd64.deb
 191a708e4fe9717f558869af903dd491ff3a2b68c4bf98970d4c28a63984a86a 1103136 openssl-provider-fips_3.5.5-1~deb13u2_amd64.deb
 37a5b1fe57d2eea916b39a4481444eb6e9efda2dca3dbcb6f7484b10de462004 97780 openssl-provider-legacy-dbgsym_3.5.5-1~deb13u2_amd64.deb
 078f2fd8b33b7971bb1f5e5521cb0fabc39e0c8fddf09809d426acedefa984e9 310940 openssl-provider-legacy_3.5.5-1~deb13u2_amd64.deb
 d7459c98e9812c8770f2d868d2eb76a5ec78da5b82ac7a1ff233ef66cf8c819b 8792 openssl_3.5.5-1~deb13u2_amd64-buildd.buildinfo
 8f86f1b42498bd67d8f3bc347b53de78ce2aff3da5fbd93cfbcf0444a92de43e 1500092 openssl_3.5.5-1~deb13u2_amd64.deb
Files:
 ed140bc98b5e239a252720c8a39a7a8b 2015604 debian-installer optional libcrypto3-udeb_3.5.5-1~deb13u2_amd64.udeb
 08ae2945280e81633eac86b8b7042383 2954212 libdevel optional libssl-dev_3.5.5-1~deb13u2_amd64.deb
 75dca053ea82b4d1f18958a1780c06d6 371820 debian-installer optional libssl3-udeb_3.5.5-1~deb13u2_amd64.udeb
 2b2bbbf823a49513f0021097bd78fe74 6210564 debug optional libssl3t64-dbgsym_3.5.5-1~deb13u2_amd64.deb
 44c9288ec271fc3a4b07808f2f07245d 2445272 libs optional libssl3t64_3.5.5-1~deb13u2_amd64.deb
 3c6cec47f16eca19a13bdfc70c02feb2 744024 debug optional openssl-dbgsym_3.5.5-1~deb13u2_amd64.deb
 701b8dc974a58b5d6b048d008f90e91d 1827580 debug optional openssl-provider-fips-dbgsym_3.5.5-1~deb13u2_amd64.deb
 d45b03f849ac2aa5488110dbe01909b7 1103136 utils optional openssl-provider-fips_3.5.5-1~deb13u2_amd64.deb
 6385c1bbbd81057f28b28ea0af3f3249 97780 debug optional openssl-provider-legacy-dbgsym_3.5.5-1~deb13u2_amd64.deb
 8c867772bb2a1f08117ddbc76e507893 310940 utils optional openssl-provider-legacy_3.5.5-1~deb13u2_amd64.deb
 d28b07099a335ea6aba076c5c5e9d007 8792 utils optional openssl_3.5.5-1~deb13u2_amd64-buildd.buildinfo
 587b698d6a7ac94d268c5412e051e2b2 1500092 utils optional openssl_3.5.5-1~deb13u2_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE7cQ9mRD4+dWjjrb6PkCWRKsh20cFAmnP4ZwACgkQPkCWRKsh
20dqVA//R2CDJEWgzeIhNOW0WPAZyFy0ByMXG2MsKhlpP2xWKzygttMSrKBcFc5I
l1OqP3ISsDV8ym04myp+ZALXoUvbO9N4Ai7dINQYE5PDP+S3T/Eu/7yl6jj6gANH
KDbRjRS2Hei6HCm4hwYxHQASK9ha8ErTCWj7WdXb7h73koTFwyPMM/IhNQB9C771
fw9MH+cSXe+Ph738U7A/HMDNowym5bfQJ+rBofnNDbZtcqy6d3bsG4B1q0flrRbW
vj+dQvkIxRZ0JbJiXf34U8p92RD+ZZkyHDhRRxtKf9XH0A6mWxCNqo+CZQ3ogRJH
pqne2WHNUf+iVRF5HcrheULKKC2dZn9dbxRzRLrtaG7NwEdsX9KErpPttIpxbvbz
c6cT00qsDqpTHzHm11YnGPvlYORNkGXaiVSO7dDdAlyEMZXHUqP9MGpA1A422ZxE
2m8NOjWaGD34UmClB5eHouwI2npYdg+bHrwJNaNQM7aAhuYHikrhYO+VLk0UEQ7a
ltmfPTdqHxI2a8eFVz0/n73iBRROA9Er+JwKHNDaxKoC2/oxrxbEL/w+Qc8IaX2a
kCbUOn5BnKJkxUXKX6bp+JDz6cl8/VqqtM803GQsy1t72DYfvWO3urbJ2xpktZEA
a/i8g32z3AEgXXr0Q2d4J0gL3h6yPEyWES1TbxNqPRNeYWik600=
=0l2t
-----END PGP SIGNATURE-----