This bug was fixed in the package openssl - 3.5.3-1ubuntu3.3
---------------
openssl (3.5.3-1ubuntu3.3) questing-security; urgency=medium

  * SECURITY UPDATE: OpenSSL TLS 1.3 server may choose unexpected key
    agreement group
    - debian/patches/CVE-2026-2673.patch: fix group tuple handling in
      DEFAULT expansion in doc/man3/SSL_CTX_set1_curves.pod,
      ssl/t1_lib.c, test/tls13groupselection_test.c.
    - CVE-2026-2673
  * SECURITY UPDATE: NULL pointer dereference when processing an OCSP
    response
    - debian/patches/CVE-2026-28387.patch: dane_match_cert() should
      X509_free() on ->mcert instead of OPENSSL_free() in
      crypto/x509/x509_vfy.c.
    - CVE-2026-28387
  * SECURITY UPDATE: NULL Pointer Dereference When Processing a Delta CRL
    - debian/patches/CVE-2026-28388-1.patch: fix NULL Dereference When
      Delta CRL Lacks CRL Number Extension in crypto/x509/x509_vfy.c.
    - debian/patches/CVE-2026-28388-2.patch: Added test in test/*.
    - CVE-2026-28388
  * SECURITY UPDATE: Possible NULL dereference when processing CMS
    KeyAgreeRecipientInfo
    - debian/patches/CVE-2026-28389.patch: Fix NULL deref in
      [ec]dh_cms_set_shared_info in crypto/cms/cms_dh.c,
      crypto/cms/cms_ec.c.
    - CVE-2026-28389
  * SECURITY UPDATE: Possible NULL Dereference When Processing CMS
    KeyTransportRecipientInfo
    - debian/patches/CVE-2026-28390.patch: Fix NULL deref in
      rsa_cms_decrypt in crypto/cms/cms_rsa.c.
    - CVE-2026-28390
  * SECURITY UPDATE: Heap buffer overflow in hexadecimal conversion
    - debian/patches/CVE-2026-31789.patch: avoid possible buffer overflow
      in buf2hex conversion in crypto/o_str.c.
    - CVE-2026-31789
  * SECURITY UPDATE: Incorrect failure handling in RSA KEM RSASVE
    encapsulation
    - debian/patches/CVE-2026-31790-1.patch: validate RSA_public_encrypt()
      result in RSASVE in providers/implementations/kem/rsa_kem.c.
    - debian/patches/CVE-2026-31790-2.patch: test RSA_public_encrypt()
      result in RSASVE in test/evp_extra_test.c.
    - CVE-2026-31790
  * Fix ppc64 FTBFS because of incorrect regex match (LP: #2137464)
    - debian/patches/fix_ppc64_regex_match.patch: match last filename for
      output in ecp_nistp*-ppc64.pl.

 -- Marc Deslauriers <[email protected]>  Tue, 07 Apr 2026 08:05:56 -0400
** Changed in: openssl (Ubuntu Questing)
Status: New => Fix Released
** CVE added: https://cve.org/CVERecord?id=CVE-2026-2673
** CVE added: https://cve.org/CVERecord?id=CVE-2026-28387
** CVE added: https://cve.org/CVERecord?id=CVE-2026-28388
** CVE added: https://cve.org/CVERecord?id=CVE-2026-28389
** CVE added: https://cve.org/CVERecord?id=CVE-2026-28390
** CVE added: https://cve.org/CVERecord?id=CVE-2026-31789
** CVE added: https://cve.org/CVERecord?id=CVE-2026-31790
--
https://bugs.launchpad.net/bugs/2137464
Title:
crypto/ec/asm/ecp_nistp521-ppc64.pl output regex failure