Debian Patches
Status for openssl/3.5.1-1+deb13u1
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| debian-targets.patch | debian-targets | Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org> | no | 2017-11-05 | ||
| man-section.patch | man-section | Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org> | no | 2017-11-05 | ||
| no-symbolic.patch | no-symbolic | Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org> | no | 2017-11-05 | ||
| pic.patch | pic | Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org> | no | 2017-11-05 | ||
| c_rehash-compat.patch | also create old hash for compatibility | Ludwig Nussel <ludwig.nussel@suse.de> | no | 2010-04-21 | ||
| Configure-allow-to-enable-ktls-if-target-does-not-start-w.patch | Configure: allow to enable ktls if target does not start with Linux The Debian build system uses a `debian' target which sets CFLAGS and then we have for instance debian-amd64 which inherits from linux-x86_64 and debian. So far so good. Since the target name does not start with `linux', the build system does not enable ktls. So in order to get enabled, I added a `enable => [ "ktls" ],' to the generic linux config which sets it explicit). Having this set, we can check for it instead matching the target name. This commit is based on changes for afalgeng in commit 9e381e8a01859 ("Configure: allow to enable afalgeng if target does not start with Linux") |
Sebastian Andrzej Siewior <sebastian@breakpoint.cc> | no | 2021-04-01 | ||
| conf-Serialize-allocation-free-of-ssl_names.patch | conf: Serialize allocation/free of ssl_names. The access to `ssl_names' is not fully serialized. With multiple threads it is possible that more than one thread starts to clean up `ssl_names'. This leads to occasional segfaults if more than one terminates and performs the clean up. |
Sebastian Andrzej Siewior <sebastian@breakpoint.cc> | no | 2022-09-19 | ||
| use_proxy-Add-missing-terminating-NUL-byte.patch | use_proxy(): Add missing terminating NUL byte Fixes CVE-2025-9232 There is a missing terminating NUL byte after strncpy() call. Issue and a proposed fix reported by Stanislav Fort (Aisle Research). |
Tomas Mraz <tomas@openssl.org> | no | 2025-09-11 | ||
| kek_unwrap_key-Fix-incorrect-check-of-unwrapped-key-size.patch | kek_unwrap_key(): Fix incorrect check of unwrapped key size Fixes CVE-2025-9230 The check is off by 8 bytes so it is possible to overread by up to 8 bytes and overwrite up to 4 bytes. |
Viktor Dukhovni <openssl-users@dukhovni.org> | no | 2025-09-11 | ||
| SM2-Use-constant-time-modular-inversion.patch | SM2: Use constant time modular inversion Fixes CVE-2025-9231 Issue and a proposed fix reported by Stanislav Fort (Aisle Research). |
Tomas Mraz <tomas@openssl.org> | no | 2025-09-11 | ||
| ecp_sm2p256.c-Remove-unused-code.patch | ecp_sm2p256.c: Remove unused code | Tomas Mraz <tomas@openssl.org> | no | 2025-09-16 |
All known versions for source package 'openssl'
- 3.6.0-1 (experimental)
- 3.5.4-1 (sid, forky)
- 3.5.4-1~deb13u1 (trixie)
- 3.5.1-1+deb13u1 (trixie-security)
- 3.0.17-1~deb12u3 (bookworm-security, bookworm-proposed-updates)
- 3.0.17-1~deb12u2 (bookworm, bookworm-updates)
- 3.0.14-1~deb12u1 (bookworm-backports)