https://mta.openssl.org/pipermail/openssl-announce/2023-January/000248.html """ Hello, The OpenSSL project team would like to announce the forthcoming release of OpenSSL versions 3.0.8, 1.1.1t and 1.0.2zg. Note that OpenSSL 1.0.2 is End Of Life and so 1.0.2zg will be available to premium support customers only. These releases will be made available on Tuesday 7th February 2023 between 1300-1700 UTC. These are security-fix releases. The highest severity issue fixed in each of these three releases is High: https://www.openssl.org/policies/secpolicy.html Yours The OpenSSL Project Team """
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f4cbfc0cf23eb89fe311d0404afe0134a1c7324d commit f4cbfc0cf23eb89fe311d0404afe0134a1c7324d Author: Sam James <sam@gentoo.org> AuthorDate: 2023-02-07 16:50:41 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-02-07 16:53:13 +0000 dev-libs/openssl: add 3.0.8 Bug: https://bugs.gentoo.org/893446 Signed-off-by: Sam James <sam@gentoo.org> dev-libs/openssl/Manifest | 2 + dev-libs/openssl/openssl-3.0.8.ebuild | 260 ++++++++++++++++++++++++++++++++++ 2 files changed, 262 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7421cd7524852eeb68ca87eccbbe31ab1e0f906c commit 7421cd7524852eeb68ca87eccbbe31ab1e0f906c Author: Sam James <sam@gentoo.org> AuthorDate: 2023-02-07 16:51:35 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-02-07 16:53:13 +0000 dev-libs/openssl: keyword 1.1.1t Originally unkeyworded as we copied from 8263780cbef6fd6d62bdd57dc14373f869739e77. Bug: https://bugs.gentoo.org/893446 Signed-off-by: Sam James <sam@gentoo.org> dev-libs/openssl/openssl-1.1.1t.ebuild | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f288f0e0ea80bccae6a5e074e605ac5982e84b98 commit f288f0e0ea80bccae6a5e074e605ac5982e84b98 Author: Sam James <sam@gentoo.org> AuthorDate: 2023-02-07 16:43:04 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-02-07 16:53:12 +0000 dev-libs/openssl: add 1.1.1t Bug: https://bugs.gentoo.org/893446 Signed-off-by: Sam James <sam@gentoo.org> dev-libs/openssl/Manifest | 2 + dev-libs/openssl/openssl-1.1.1t.ebuild | 340 +++++++++++++++++++++++++++++++++ 2 files changed, 342 insertions(+)
Advisory: https://mta.openssl.org/pipermail/openssl-announce/2023-February/000251.html
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b1c15de07da848681bf49fea4541b36fad4ae848 commit b1c15de07da848681bf49fea4541b36fad4ae848 Author: Sam James <sam@gentoo.org> AuthorDate: 2023-02-13 07:02:46 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-02-13 07:02:46 +0000 dev-libs/openssl-compat: add 1.1.1t Bug: https://bugs.gentoo.org/893446 Signed-off-by: Sam James <sam@gentoo.org> dev-libs/openssl-compat/Manifest | 2 + dev-libs/openssl-compat/files/gentoo.config-1.0.4 | 176 ++++++++++++++++ .../openssl-compat/openssl-compat-1.1.1t.ebuild | 221 +++++++++++++++++++++ 3 files changed, 399 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=f353a9a7c6ffd4dd54f9b93774d103942a88892e commit f353a9a7c6ffd4dd54f9b93774d103942a88892e Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-02-04 08:02:53 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-02-04 08:03:15 +0000 [ GLSA 202402-08 ] OpenSSL: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/876787 Bug: https://bugs.gentoo.org/893446 Bug: https://bugs.gentoo.org/902779 Bug: https://bugs.gentoo.org/903545 Bug: https://bugs.gentoo.org/907413 Bug: https://bugs.gentoo.org/910556 Bug: https://bugs.gentoo.org/911560 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202402-08.xml | 63 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+)