rust-openssl (0.10.23-1ubuntu0.1~esm1) focal-security; urgency=medium

  * SECURITY UPDATE: out-of-bound read on X509VerifyParamRef::set_host
    - debian/patches/CVE-2023-53159.patch: verify that host is not an
      empty string.
    - CVE-2023-53159
  * SECURITY UPDATE: use after free on ssl::select_next_proto
    - debian/patches/CVE-2025-24898.patch: set the server lifetime
      equals to the client lifetime.
    - CVE-2025-24898

 -- Federico Quattrin <federico.quattrin@canonical.com>  Tue, 25 Nov 2025 09:13:23 -0300

rust-openssl (0.10.23-1) unstable; urgency=medium

  * Package openssl 0.10.23 from crates.io using debcargo 2.2.10

 -- Ximin Luo <infinity0@debian.org>  Thu, 30 May 2019 21:59:26 -0700

rust-openssl (0.10.16-1) unstable; urgency=medium

  * Package openssl 0.10.16 from crates.io using debcargo 2.2.9

 -- Ximin Luo <infinity0@debian.org>  Wed, 26 Dec 2018 15:25:15 -0800

rust-openssl (0.10.10-1) unstable; urgency=medium

  * Package openssl 0.10.10 from crates.io using debcargo 2.2.5

 -- Ximin Luo <infinity0@debian.org>  Fri, 03 Aug 2018 05:38:57 -0700
