Control: tags -1 d-i Hi kibi,
Can you have a look at this onblock request? It's blocked on your block-udeb.
Paul On 30-05-2023 22:52, Sebastian Andrzej Siewior wrote:
control: retitle -1 unblock: openssl/3.0.9-1 On 2023-05-30 22:16:53 [+0200], To sub...@bugs.debian.org wrote:Please unblock package openssl. The 3.0.9 release contains security and non-security related fixes for the package. There are five new CVEs in total that has been addressed. One with "moderate" severity. From the package's changelog: - CVE-2023-0464 (Excessive Resource Usage Verifying X.509 Policy Constraints) (Closes: #1034720). - CVE-2023-0465 (Invalid certificate policies in leaf certificates are silently ignored). - CVE-2023-0466 (Certificate policy check not enabled). - Alternative fix for CVE-2022-4304 (Timing Oracle in RSA Decryption). - CVE-2023-2650 (Possible DoS translating ASN.1 object identifiers). - CVE-2023-1255 (Input buffer over-read in AES-XTS implementation on 64 bit ARM). The package built on all release architectures (it is still building on mipsel at the of writing but I expect it to pass). The openssl testsuite run on all architectures during the build process. Please find attached the debdiff vs the version in testing. unblock openssl/3.0.9-1Sebastian
OpenPGP_signature
Description: OpenPGP digital signature
