-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4321-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 03, 2025 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : openssl Version : 1.1.1w-0+deb11u4 CVE ID : CVE-2025-9230 Stanislav Fort discovered an out of bounds read and write issue when decrypting CMS messages that were encrypted using password based encryption. For Debian 11 bullseye, this problem has been fixed in version 1.1.1w-0+deb11u4. We recommend that you upgrade your openssl packages. For the detailed security status of openssl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openssl Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmjf8QwACgkQnUbEiOQ2 gwJnZg//ZT1IZiOKVLWZDAV4GqnnlCArUK6ycQjcqrDwOKUnJzVNpWmLz/2sWxCt W8Auc20RxdSnzzGiTswSnnqGteVBc4hv0vbc1TpE/TubA8fzp69T1UnDQZWDrQ9C 4ZY6YD+FFfrKsWO9wAdKdytUekCo7Qng/G1EeZKwbrIGa4VSQc5DPx3Y7YS+st62 pMQZ7oRreEWdWOWcRn/7eiFhVXS+6JFtuFblK7nsoTvvf/1eGpdiCc7t79vwVwji 0hSL7Y/kAyw5h/8cDyNHa85Al2Y5zBTsTIkVL0QpcmcSxcpMSC08w9CcLVkm6WMM hYQi5qAh8TV2Q3opB3e6CaacBAfx9OR8sxQZz1roDS9aFONAjjCBEMU53i0buMdx Hwisih8iACGV4XLiOXpCBI+W1D6cCeF6kJQzSEOQ0Gr+SIJy+Vwwus2FkWL4K03r x3heqgsftU7UaXuYQT84T1A5VoFvpcp00xptHCYnu0DyQ3jZRy0EGlqoVIMNh+B/ ftjEXmkQH9bqiIzNlPnn/TGpSbzzwbvLm+qdwbDkGakbjj980AVjPFv8IG+Gfos9 qaaI/d9ZZdbwkuYO+fIYBV0ohgEec/ZxtXegTY2NFzcq3huZEJMHUjXja+auZ0jt lNxvEroXEeAes2foiNLklG3mA4vLaciqfp2LkZOzm3pAoRdggqw= =GKOt -----END PGP SIGNATURE-----
