[Deepin Integration]~[v25-Release] Security update: 13 CVEs by UTsweetyfish@deepin-community/openssl by deepin-community-ci-bot[bot] #12746
Description
Package information | 软件包信息
| 包名 | 版本 |
|---|---|
| openssl | 3.2.4-0deepin6 |
Package repository address | 软件包仓库地址
deb [trusted=yes] https://ci.deepin.com/repo/obs/deepin:/CI:/TestingIntegration:/test-integration-pr-3656/testing/ ./
Changelog | 更新信息
openssl (3.2.4-0deepin6) unstable; urgency=medium
- Security update: 13 CVEs
See: openssl: CVE-2025-4575, CVE-2025-9230, CVE-2025-9231, CVE-2025-9232 deepin-community/sig-deepin-security#235
See: openssl: CVE-2025-11187, CVE-2025-15467, CVE-2025-15468, CVE-2025-15469, CVE-2025-66199, CVE-2025-68160, CVE-2025-69418, CVE-2025-69419, CVE-2025-69420, CVE-2025-69421, CVE-2026-22795, CVE-2026-22796 deepin-community/sig-deepin-security#232- CVE-2025-9230:
openssl/openssl@b5282d6 - CVE-2025-9231:
openssl/openssl@cba616c - CVE-2025-9232:
openssl/openssl@89e790a - CVE-2025-15467:
0ddd6b6 Correct handling of AEAD-encrypted CMS with inadmissibly long IV
b1a995e Some comments to clarify functions usage
6297ac4 Test for handling of AEAD-encrypted CMS with inadmissibly long IV - CVE-2025-15468:
293b55d ossl_quic_get_cipher_by_char(): Add a NULL guard before dereferencing SSL_CIPHER - CVE-2025-66199:
84f73f7 Check the received uncompressed certificate length to prevent excessive pre-decompression allocation. - CVE-2025-68160:
b21663c Fix heap buffer overflow in BIO_f_linebuffer - CVE-2025-69418:
be9375d Fix OCB AES-NI/HW stream path unauthenticated/unencrypted trailing bytes - CVE-2025-69419:
53b78f2 Check return code of UTF8_putc - CVE-2025-69420:
ea8fc4c Verify ASN1 object's types before attempting to access them as a particular type - CVE-2025-69421:
2c13bf1 PKCS12_item_decrypt_d2i_ex(): Check oct argument for NULL - CVE-2026-22795, CVE-2026-22796
c082649 Ensure ASN1 types are checked before use.
- CVE-2025-9230:
Metadata
Metadata
Assignees
Labels
Type
Projects
Status