[ubuntu/plucky-security] openssl 3.4.1-1ubuntu4 (Accepted)
Hlib Korzhynskyy
hlib.korzhynskyy at canonical.com
Tue Sep 30 14:29:49 UTC 2025
openssl (3.4.1-1ubuntu4) plucky-security; urgency=medium
* SECURITY UPDATE: Out-of-bounds read & write in RFC 3211 KEK Unwrap
- debian/patches/CVE-2025-9230.patch: fix incorrect check of unwrapped
key size in crypto/cms/cms_pwri.c.
- CVE-2025-9230
* SECURITY UPDATE: Timing side-channel in SM2 algorithm on 64 bit ARM
- debian/patches/CVE-2025-9231-1.patch: use constant time modular
inversion in crypto/ec/ecp_sm2p256.c.
- debian/patches/CVE-2025-9231-2.patch: remove unused code in
crypto/ec/ecp_sm2p256.c.
- CVE-2025-9231
* SECURITY UPDATE: Out-of-bounds read in HTTP client no_proxy handling
- debian/patches/CVE-2025-9232.patch: add missing terminating NUL byte
in crypto/http/http_lib.c.
- CVE-2025-9232
Date: 2025-09-24 12:17:15.988116+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Hlib Korzhynskyy <hlib.korzhynskyy at canonical.com>
https://launchpad.net/ubuntu/+source/openssl/3.4.1-1ubuntu4
-------------- next part --------------
Sorry, changesfile not available.
More information about the plucky-changes
mailing list