openssl (3.1.1-1) [PTS] [DDPO]

OLD: VCS is behind the version in the archive: 3.0.8-1 < 3.1.1-1.

Git: https://salsa.debian.org/debian/openssl.git
JSON
Enter a full Vcs-* header, supported schemes are: Vcs-Bzr, Vcs-Cvs, Vcs-Darcs, Vcs-Git, Vcs-Hg, Vcs-Mtn, Vcs-Svn.
For Vcs-Git append -b branch to select the branch name; append [subdir] if the debian/ directory is not in the repository root.
The next upload will reset the information from the source package headers.
Branch: debian/unstable
Path: debian/changelog
Repo size: 176246784
Browser: https://salsa.debian.org/debian/openssl
Last scan: 2023-06-08 02:08:40+00
Next scan: 2023-06-13 08:43:00+00
Merge requests: 7
CI pipeline status: failed

Debian changelog in Git:

openssl (3.0.8-1) unstable; urgency=medium

  * Import 3.0.7
    - CVE-2023-0401 (NULL dereference during PKCS7 data verification).
    - CVE-2023-0286 (X.400 address type confusion in X.509 GeneralName).
    - CVE-2023-0217 (NULL dereference validating DSA public key).
    - CVE-2023-0216 (Invalid pointer dereference in d2i_PKCS7 functions).
    - CVE-2023-0215 (Use-after-free following BIO_new_NDEF).
    - CVE-2022-4450 (Double free after calling PEM_read_bio_ex).
    - CVE-2022-4304 (Timing Oracle in RSA Decryption).
    - CVE-2022-4203 (X.509 Name Constraints Read Buffer Overflow).
    - Padlock: fix byte swapping assembly for AES-192 and 256
      (Closes: #1029259).
    - Add new symbol.
  * Make loongarch64 little endian (Closes: #1029281).
  * Drop conflict against libssl1.0-dev.
  * Update Standards-Version to 4.6.1. No changes required.

 -- Sebastian Andrzej Siewior <sebastian@breakpoint.cc>  Tue, 07 Feb 2023 21:42:42 +0100

This branch is even with tag debian/openssl-3.0.8-1