openssl (3.5.5-1ubuntu3.2) resolute-security; urgency=medium

  * SECURITY UPDATE: Heap Buffer Over-read in ASN.1 Content Parsing
    - debian/patches/CVE-2026-34180.patch: Avoid length truncation in
      ASN1_STRING_set in crypto/asn1/tasn_dec.c.
    - CVE-2026-34180
  * SECURITY UPDATE: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys
    - debian/patches/CVE-2026-34181.patch: pkcs12: verify that the pbmac1 key
      length is safe in crypto/pkcs12/p12_mutl.c.
    - CVE-2026-34181
  * SECURITY UPDATE: CMS AuthEnvelopedData Processing May Accept Forged Messages
    - debian/patches/CVE-2026-34182-1.patch: Reject potentially forged encrypted
      CMS AuthEnvelopedData messages in crypto/cms/cms_enc.c.
    - debian/patches/CVE-2026-34182-2.patch: Add tests for CVE-2026-34182 in
      test/cmsapitest.c.
    - CVE-2026-34182
  * SECURITY UPDATE: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler
    - debian/patches/CVE-2026-34183-1.patch: QUIC stack must limit the number of
      PATH_CHALLENGE frames processed in RX in include/internal/quic_cfq.h,
      include/internal/quic_channel.h, include/internal/quic_fifd.h,
      ssl/quic/quic_cfq.c, ssl/quic/quic_channel.c,
      ssl/quic/quic_channel_local.h, ssl/quic/quic_fifd.c,
      ssl/quic/quic_rx_depack.c, ssl/quic/quic_txp.c.
    - debian/patches/CVE-2026-34183-2.patch: Add test for path challenge flood
      mitigation in include/internal/quic_channel.h, ssl/quic/quic_channel.c,
      ssl/quic/quic_channel_local.h, ssl/quic/quic_rx_depack.c,
      test/radix/quic_tests.c.
    - CVE-2026-34183
  * SECURITY UPDATE: NULL pointer dereference in QUIC server initial packet
    handling
    - debian/patches/CVE-2026-42764.patch: Fix NULL dereference in QUIC address
      validation in ssl/quic/quic_port.c.
    - CVE-2026-42764
  * SECURITY UPDATE: Possible NULL Dereference in Password-Based CMS Decryption
    - debian/patches/CVE-2026-42766.patch: Fix potential NULL dereference
      processing CMS PasswordRecipientInfo in crypto/cms/cms_pwri.c.
    - CVE-2026-42766
  * SECURITY UPDATE: NULL Pointer Dereference in CRMF EncryptedValue Decryption
    - debian/patches/CVE-2026-42767.patch: Fix potential NULL dereference in
      OSSL_CRMF_ENCRYPTEDVALUE_decrypt() in crypto/crmf/crmf_lib.c.
    - CVE-2026-42767
  * SECURITY UPDATE: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt()
    and PKCS7_decrypt()
    - debian/patches/CVE-2026-42768.patch: Enforce implicit rejection for
      CMS/PKCS#7 decryption in crypto/cms/cms_env.c, crypto/pkcs7/pk7_doit.c,
      doc/man3/CMS_decrypt.pod, doc/man3/PKCS7_decrypt.pod.
    - CVE-2026-42768
  * SECURITY UPDATE: Trust-Anchor Substitution via cert/issuer Typo in CMP
    rootCaKeyUpdate
    - debian/patches/CVE-2026-42769.patch: Use the correct issuer when
      validating rootCAKeyUpdate in crypto/cmp/cmp_genm.c.
    - CVE-2026-42769
  * SECURITY UPDATE: FFC-DH Peer Validation Uses Attacker-Supplied q
    - debian/patches/CVE-2026-42770.patch: Match the local q DHX parameter
      against the peer's q in providers/implementations/exchange/dh_exch.c.
    - CVE-2026-42770
  * SECURITY UPDATE: AES-OCB IV Ignored on EVP_Cipher() Path
    - debian/patches/CVE-2026-45445.patch: Apply the buffered IV on the AES-OCB
      EVP_Cipher() path in providers/implementations/ciphers/cipher_aes_ocb.c,
      test/evp_extra_test.c.
    - CVE-2026-45445
  * SECURITY UPDATE: Incorrect Tag Processing for Empty Messages in
    AES-GCM-SIV and AES-SIV modes
    - debian/patches/CVE-2026-45446.patch: Fix handling of empty-ciphertext
      messages in AES-GCM-SIV and AES-SIV in
      providers/implementations/ciphers/cipher_aes_gcm_siv_hw.c,
      providers/implementations/ciphers/cipher_aes_siv.c, test/evp_extra_test.c.
    - CVE-2026-45446
  * SECURITY UPDATE: Heap Use-After-Free in OpenSSL PKCS7_verify()
    - debian/patches/CVE-2026-45447-1.patch: Fix possible use-after-free in
      OpenSSL PKCS7_verify() in crypto/pkcs7/pk7_smime.c.
    - debian/patches/CVE-2026-45447-2.patch: Test for CVE-2026-45447 (UAF in
      PKCS7_verify) in test/recipes/80-test_cms.t,
      test/smime-eml/pkcs7-empty-digest-set.eml.
    - CVE-2026-45447
  * SECURITY UPDATE: Possible Heap Buffer Overflow in ASN.1 Multibyte String
    Conversion
    - debian/patches/CVE-2026-7383.patch: Reject oversized inputs in
      ASN1_mbstring_ncopy() in crypto/asn1/a_mbstr.c.
    - CVE-2026-7383
  * SECURITY UPDATE: Out-of-Bounds Read in CMS Password-Based Decryption
    - debian/patches/CVE-2026-9076.patch: cms: kek_unwrap_key: Fix
      out-of-bounds read in check-byte validation in crypto/cms/cms_pwri.c.
    - CVE-2026-9076
  * Fix ppc64 FTBFS because of incorrect regex match (LP: 2137464)
    - debian/patches/regex_match_ecp_nistp521-ppc64.patch: removed,
      incomplete version.
    - debian/patches/fix_ppc64_regex_match.patch: match last filename for
      output in ecp_nistp*-ppc64.pl.

 -- Marc Deslauriers <email address hidden>  Tue, 02 Jun 2026 13:21:36 -0400