Hi Andrew, Thank you for the insight! Appreciated, Mark On Mon, Oct 17, 2022 at 2:41 PM Andrew Pollock <apoll...@debian.org> wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > Hi, > > I like to go to the changelogs, as they're the most authoritative thing > available. > > > https://metadata.ftp-master.debian.org/changelogs//main/o/openssl/openssl_1.1.1n-0+deb11u3_changelog > > > This is linked from packages.debian.org/openssl > > Yes, Debian prefers to backport fixes for security updates to stable > releases rather than introduce new versions, see > https://www.debian.org/security/faq#oldversion > > regards > > Andrew > > On 2022-10-17 at 20:42, majorfakeem...@gmail.com wrote: > > I'm new to how Debian tracks this, so this is probably a simple question. > This says that CVE-2022-2068 is fixed in openssl 1.1.1n-0+deb11u3: > > > > https://security-tracker.debian.org/tracker/CVE-2022-2068 > > https://security-tracker.debian.org/tracker/source-package/openssl > > > > But openssl says that is fixed in openssl 1.1.1p (Affected 1.1.1-1.1.1o): > > > > https://www.openssl.org/news/vulnerabilities-1.1.1.html > > > > Does Debian back-port some of these fixes? > > > > Thanks! > > Mark > > > > > -----BEGIN PGP SIGNATURE----- > Version: FlowCrypt Email Encryption 8.3.8 > Comment: Seamlessly send and receive encrypted email > > wsFzBAEBCgAGBQJjTcvzACEJEFHf2Ts++3nvFiEEW3Akls+mpQcjnC15Ud/Z > Oz77ee8vCxAAl9iXLDe3Yp0Q89UAXfLfRF3Bd4/ZNtn/Dzs36rovr0xMOBXx > lQaPDNC0H/2NO+cpGulpQJj29T1MW35NUZq6GXZcqc4395gFQQzYZA83nvm6 > uwXHz0eMzl5eeR7FdvIqtYODFGBzQoNjc4P2j9aCxzL5agZCgfDl3scabioC > c45qAP0+ilnSjxSpdx+uPr2bRUC6HbSpWyiI0VwtWeY1UI6M6m7F5o/SsyCe > 3cQZtqwduKj61BGcCENvFMbOPPD5JF9nsi9k/B/fahkxe48d8gkDgO1NCDFD > yRjiY59U1EguJo7r38Er+IsL8QGc14qVR9k03jXElXNlLpIPXQyyfeAXQNHF > cH8/+2enn+tzNPP5One06x9LVge/rt0ICRnPfVSwZMoCQBXzoUsNvkPOESQj > 2dTi/frWuhM8DTKAv5rj66a+gpVb7ms+3Rode2CLhMUZn84tIQjKf2yCX+tx > A80PtdQkINTZtWZ73Ggaudzcvqqt2+13U47Kruwbbeg0Df/pw5ugSnVrARXk > IpA8nrliMDpOTWljrSwhfFM0f/Ad+2v2G9ZY9EZQaAHL1Jbr4+B65MTnu1m5 > o4eq8gD6uJkpe2se6qDuCN8KEgof8sjVWERRbOegHCpQ3pa+0cgVIXYD3CtF > s/iiU/w9/5agStw+elRjbLrOPyiRWQZp3Jg= > =ywtx > -----END PGP SIGNATURE----- >