| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: openssl3-debuginfo | Distribution: Fedora Project |
| Version: 3.0.7 | Vendor: Fedora Project |
| Release: 5.el8.1 | Build date: Fri Feb 10 21:14:56 2023 |
| Group: Development/Debug | Build host: buildhw-x86-13.iad2.fedoraproject.org |
| Size: 2534743 | Source RPM: openssl3-3.0.7-5.el8.1.src.rpm |
| Packager: Fedora Project | |
| Url: http://www.openssl.org/ | |
| Summary: Debug information for package openssl3 | |
This package provides debug information for package openssl3. Debug information is useful when developing applications that use this package or when debugging this package.
ASL 2.0
* Thu Feb 09 2023 Michel Alexandre Salim <salimma@fedoraproject.org> 3.0.7-5.1
- Merge c9s openssl changes to pick up CVE fixes
- Back out f2a49ef424f831aac988356fc8b2b910e443dc42 as that caused test failures
* Wed Feb 08 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-5
- Fixed X.509 Name Constraints Read Buffer Overflow
Resolves: CVE-2022-4203
- Fixed Timing Oracle in RSA Decryption
Resolves: CVE-2022-4304
- Fixed Double free after calling PEM_read_bio_ex
Resolves: CVE-2022-4450
- Fixed Use-after-free following BIO_new_NDEF
Resolves: CVE-2023-0215
- Fixed Invalid pointer dereference in d2i_PKCS7 functions
Resolves: CVE-2023-0216
- Fixed NULL dereference validating DSA public key
Resolves: CVE-2023-0217
- Fixed X.400 address type confusion in X.509 GeneralName
Resolves: CVE-2023-0286
- Fixed NULL dereference during PKCS7 data verification
Resolves: CVE-2023-0401
* Wed Jan 11 2023 Clemens Lang <cllang@redhat.com> - 1:3.0.7-4
- Disallow SHAKE in RSA-OAEP decryption in FIPS mode
Resolves: rhbz#2142121
* Thu Jan 05 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-3
- Refactor OpenSSL fips module MAC verification
Resolves: rhbz#2157965
* Thu Nov 24 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-2
- Various provider-related imrovements necessary for PKCS#11 provider correct operations
Resolves: rhbz#2142517
- We should export 2 versions of OPENSSL_str[n]casecmp to be compatible with upstream
Resolves: rhbz#2133809
- Removed recommended package for openssl-libs
Resolves: rhbz#2093804
- Adjusting include for the FIPS_mode macro
Resolves: rhbz#2083879
- Backport of ppc64le Montgomery multiply enhancement
Resolves: rhbz#2130708
- Fix explicit indicator for PSS salt length in FIPS mode when used with
negative magic values
Resolves: rhbz#2142087
- Update change to default PSS salt length with patch state from upstream
Related: rhbz#2142087
* Tue Nov 22 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.7-1
- Rebasing to OpenSSL 3.0.7
Resolves: rhbz#2129063
* Mon Nov 14 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-44
- SHAKE-128/256 are not allowed with RSA in FIPS mode
Resolves: rhbz#2144010
- Avoid memory leaks in TLS
Resolves: rhbz#2144008
- FIPS RSA CRT tests must use correct parameters
Resolves: rhbz#2144006
- FIPS-140-3 permits only SHA1, SHA256, and SHA512 for DRBG-HASH/DRBG-HMAC
Resolves: rhbz#2144017
- Remove support for X9.31 signature padding in FIPS mode
Resolves: rhbz#2144015
- Add explicit indicator for SP 800-108 KDFs with short key lengths
Resolves: rhbz#2144019
- Add explicit indicator for HMAC with short key lengths
Resolves: rhbz#2144000
- Set minimum password length for PBKDF2 in FIPS mode
Resolves: rhbz#2144003
- Add explicit indicator for PSS salt length in FIPS mode
Resolves: rhbz#2144012
- Clamp default PSS salt length to digest size for FIPS 186-4 compliance
Related: rhbz#2144012
- Forbid short RSA keys for key encapsulation/decapsulation in FIPS mode
Resolves: rhbz#2145170
* Tue Nov 01 2022 Michel Alexandre Salim <salimma@fedoraproject.org> 3.0.1-43.1
- Merge c9s openssl changes to pick up CVE fixes
* Tue Nov 01 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-43
- CVE-2022-3602: X.509 Email Address Buffer Overflow
- CVE-2022-3786: X.509 Email Address Buffer Overflow
Resolves: CVE-2022-3602
* Wed Oct 26 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-42
- CVE-2022-3602: X.509 Email Address Buffer Overflow
Resolves: CVE-2022-3602 (rhbz#2137723)
* Tue Sep 27 2022 Michel Alexandre Salim <salimma@fedoraproject.org> 3.0.1-41.1
- Merge c9s openssl changes to pick up CVE fixes
* Thu Aug 11 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-41
- Zeroize public keys as required by FIPS 140-3
Related: rhbz#2102542
- Add FIPS indicator for HKDF
Related: rhbz#2114772
* Fri Aug 05 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-40
- Deal with DH keys in FIPS mode according FIPS-140-3 requirements
Related: rhbz#2102536
- Deal with ECDH keys in FIPS mode according FIPS-140-3 requirements
Related: rhbz#2102537
- Use signature for RSA pairwise test according FIPS-140-3 requirements
Related: rhbz#2102540
- Reseed all the parent DRBGs in chain on reseeding a DRBG
Related: rhbz#2102541
* Mon Aug 01 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-39
- Use RSA-OAEP in FIPS RSA encryption/decryption FIPS self-test
- Use Use digest_sign & digest_verify in FIPS signature self test
- Use FFDHE2048 in Diffie-Hellman FIPS self-test
Resolves: rhbz#2102535
* Thu Jul 14 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-38
- Fix segfault in EVP_PKEY_Q_keygen() when OpenSSL was not previously
initialized.
Resolves: rhbz#2103289
- Improve AES-GCM performance on Power9 and Power10 ppc64le
Resolves: rhbz#2051312
- Improve ChaCha20 performance on Power10 ppc64le
Resolves: rhbz#2051312
* Tue Jul 05 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-37
- CVE-2022-2097: AES OCB fails to encrypt some bytes on 32-bit x86
Resolves: CVE-2022-2097
* Thu Jun 16 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-36
- Ciphersuites with RSAPSK KX should be filterd in FIPS mode
- Related: rhbz#2085088
- FIPS provider should block RSA encryption for key transport.
- Other RSA encryption options should still be available if key length is enough
- Related: rhbz#2053289
- Improve diagnostics when passing unsupported groups in TLS
- Related: rhbz#2070197
- Fix PPC64 Montgomery multiplication bug
- Related: rhbz#2098199
- Strict certificates validation shouldn't allow explicit EC parameters
- Related: rhbz#2058663
- CVE-2022-2068: the c_rehash script allows command injection
- Related: rhbz#2098277
* Wed Jun 08 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-35
- Add explicit indicators for signatures in FIPS mode and mark signature
primitives as unapproved.
Resolves: rhbz#2087147
* Fri Jun 03 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-34
- Some OpenSSL test certificates are expired, updating
- Resolves: rhbz#2092456
* Thu May 26 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-33
- CVE-2022-1473 openssl: OPENSSL_LH_flush() breaks reuse of memory
- Resolves: rhbz#2089444
- CVE-2022-1343 openssl: Signer certificate verification returned
inaccurate response when using OCSP_NOCHECKS
- Resolves: rhbz#2087911
- CVE-2022-1292 openssl: c_rehash script allows command injection
- Resolves: rhbz#2090362
- Revert "Disable EVP_PKEY_sign/EVP_PKEY_verify in FIPS mode"
Related: rhbz#2087147
- Use KAT for ECDSA signature tests, s390 arch
- Resolves: rhbz#2069235
* Thu May 19 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-32
- `openssl ecparam -list_curves` lists only FIPS-approved curves in FIPS mode
- Resolves: rhbz#2083240
- Ciphersuites with RSA KX should be filterd in FIPS mode
- Related: rhbz#2085088
- In FIPS mode, signature verification works with keys of arbitrary size
above 2048 bit, and only with 1024, 1280, 1536, 1792 bits for keys
below 2048 bits
- Resolves: rhbz#2077884
* Wed May 18 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-31
- Disable SHA-1 signature verification in FIPS mode
- Disable EVP_PKEY_sign/EVP_PKEY_verify in FIPS mode
Resolves: rhbz#2087147
* Mon May 16 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-30
- Use KAT for ECDSA signature tests
- Resolves: rhbz#2069235
* Thu May 12 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-29
- `-config` argument of openssl app should work properly in FIPS mode
- Resolves: rhbz#2083274
- openssl req defaults on PKCS#8 encryption changed to AES-256-CBC
- Resolves: rhbz#2063947
* Fri May 06 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-28
- OpenSSL should not accept custom elliptic curve parameters
- Resolves rhbz#2066412
- OpenSSL should not accept explicit curve parameters in FIPS mode
- Resolves rhbz#2058663
* Fri May 06 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-27
- Change FIPS module version to include hash of specfile, patches and sources
Resolves: rhbz#2070550
* Thu May 05 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-26
- OpenSSL FIPS module should not build in non-approved algorithms
- Resolves: rhbz#2081378
* Mon May 02 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-25
- FIPS provider should block RSA encryption for key transport.
- Other RSA encryption options should still be available
- Resolves: rhbz#2053289
* Thu Apr 28 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-24
- Fix regression in evp_pkey_name2type caused by tr_TR locale fix
Resolves: rhbz#2071631
* Wed Apr 20 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-23
- Fix openssl curl error with LANG=tr_TR.utf8
- Resolves: rhbz#2071631
* Mon Mar 28 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-22
- FIPS provider should block RSA encryption for key transport
- Resolves: rhbz#2053289
* Tue Mar 22 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-21
- Fix occasional internal error in TLS when DHE is used
- Resolves: rhbz#2004915
* Fri Mar 18 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-20
- Fix acceptance of SHA-1 certificates with rh-allow-sha1-signatures = yes when
no OpenSSL library context is set
- Resolves: rhbz#2065400
* Fri Mar 18 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-19
- Fix TLS connections with SHA1 signatures if rh-allow-sha1-signatures = yes
- Resolves: rhbz#2065400
* Wed Mar 16 2022 Michel Alexandre Salim <salimma@fedoraproject.org> 3.0.1-18.1
- Merge c9s openssl changes to pick up CVE-2022-0778 fix
* Wed Mar 16 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-18
- CVE-2022-0778 fix
- Resolves: rhbz#2062315
* Thu Mar 10 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-17
- Fix invocation of EVP_PKEY_CTX_set_rsa_padding(RSA_PKCS1_PSS_PADDING) before
setting an allowed digest with EVP_PKEY_CTX_set_signature_md()
- Skipping 3.0.1-16 due to version numbering confusion with the RHEL-9.0 branch
- Resolves: rhbz#2062640
* Tue Mar 01 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-15
- Allow SHA1 in SECLEVEL 2 if rh-allow-sha1-signatures = yes
- Resolves: rhbz#2060510
* Fri Feb 25 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-14
- Prevent use of SHA1 with ECDSA
- Resolves: rhbz#2031742
* Fri Feb 25 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-13
- OpenSSL will generate keys with prime192v1 curve if it is provided using explicit parameters
- Resolves: rhbz#1977867
* Thu Feb 24 2022 Peter Robinson <pbrobinson@fedoraproject.org> - 1:3.0.1-12
- Support KBKDF (NIST SP800-108) with an R value of 8bits
- Resolves: rhbz#2027261
* Wed Feb 23 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-11
- Allow SHA1 usage in MGF1 for RSASSA-PSS signatures
- Resolves: rhbz#2031742
* Wed Feb 23 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-10
- rebuilt
* Tue Feb 22 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-9
- Allow SHA1 usage in HMAC in TLS
- Resolves: rhbz#2031742
* Tue Feb 22 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-8
- OpenSSL will generate keys with prime192v1 curve if it is provided using explicit parameters
- Resolves: rhbz#1977867
- pkcs12 export broken in FIPS mode
- Resolves: rhbz#2049265
* Tue Feb 22 2022 Clemens Lang <cllang@redhat.com> - 1:3.0.1-8
- Disable SHA1 signature creation and verification by default
- Set rh-allow-sha1-signatures = yes to re-enable
- Resolves: rhbz#2031742
* Thu Feb 03 2022 Sahana Prasad <sahana@redhat.com> - 1:3.0.1-7
- s_server: correctly handle 2^14 byte long records
- Resolves: rhbz#2042011
* Tue Feb 01 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-6
- Adjust FIPS provider version
- Related: rhbz#2026445
* Wed Jan 26 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-5
- On the s390x, zeroize all the copies of TLS premaster secret
- Related: rhbz#2040448
* Fri Jan 21 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-4
- rebuilt
* Fri Jan 21 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-3
- KATS tests should be executed before HMAC verification
- Restoring fips=yes for SHA1
- Related: rhbz#2026445, rhbz#2041994
* Thu Jan 20 2022 Sahana Prasad <sahana@redhat.com> - 1:3.0.1-2
- Add enable-buildtest-c++ to the configure options.
- Related: rhbz#1990814
* Tue Jan 18 2022 Sahana Prasad <sahana@redhat.com> - 1:3.0.1-1
- Rebase to upstream version 3.0.1
- Fixes CVE-2021-4044 Invalid handling of X509_verify_cert() internal errors in libssl
- Resolves: rhbz#2038910, rhbz#2035148
* Mon Jan 17 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.0-7
- Remove algorithms we don't plan to certify from fips module
- Remove native fipsmodule.cnf
- Related: rhbz#2026445
* Tue Dec 21 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.0-6
- openssl speed should run in FIPS mode
- Related: rhbz#1977318
* Wed Nov 24 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.0-5
- rebuilt for spec cleanup
- Related: rhbz#1985362
* Thu Nov 18 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.0-4
- Embed FIPS HMAC in fips.so
- Enforce loading FIPS provider when FIPS kernel flag is on
- Related: rhbz#1985362
* Wed Nov 17 2021 Michel Alexandre Salim <salimma@fedoraproject.org> - 3.0.0-3.1
- Fork c9s' openssl to openssl3 for epel8 (and possibly Fedora <= 35)
* Thu Oct 07 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.0-3
- Fix memory leak in s_client
- Related: rhbz#1996092
* Mon Sep 20 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.0-2
- Avoid double-free on error seeding the RNG.
- KTLS and FIPS may interfere, so tests need to be tuned
- Resolves: rhbz#1952844, rhbz#1961643
* Thu Sep 09 2021 Sahana Prasad <sahana@redhat.com> - 1:3.0.0-1
- Rebase to upstream version 3.0.0
- Related: rhbz#1990814
* Wed Aug 25 2021 Sahana Prasad <sahana@redhat.com> - 1:3.0.0-0.beta2.7
- Removes the dual-abi build as it not required anymore. The mass rebuild
was completed and all packages are rebuilt against Beta version.
- Resolves: rhbz#1984097
* Mon Aug 23 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.0-0.beta2.6
- Correctly process CMS reading from /dev/stdin
- Resolves: rhbz#1986315
* Mon Aug 16 2021 Sahana Prasad <sahana@redhat.com> - 3.0.0-0.beta2.5
- Add instruction for loading legacy provider in openssl.cnf
- Resolves: rhbz#1975836
* Mon Aug 16 2021 Sahana Prasad <sahana@redhat.com> - 3.0.0-0.beta2.4
- Adds support for IDEA encryption.
- Resolves: rhbz#1990602
* Tue Aug 10 2021 Sahana Prasad <sahana@redhat.com> - 3.0.0-0.beta2.3
- Fixes core dump in openssl req -modulus
- Fixes 'openssl req' to not ask for password when non-encrypted private key
is used
- cms: Do not try to check binary format on stdin and -rctform fix
- Resolves: rhbz#1988137, rhbz#1988468, rhbz#1988137
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1:3.0.0-0.beta2.2.1
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Wed Aug 04 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 3.0.0-0.beta2.2
- When signature_algorithm extension is omitted, use more relevant alerts
- Resolves: rhbz#1965017
* Tue Aug 03 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.beta2.1
- Rebase to upstream version beta2
- Related: rhbz#1903209
* Thu Jul 22 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.beta1.5
- Prevents creation of duplicate cert entries in PKCS #12 files
- Resolves: rhbz#1978670
* Wed Jul 21 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.beta1.4
- NVR bump to update to OpenSSL 3.0 Beta1
* Mon Jul 19 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.beta1.3
- Update patch dual-abi.patch to add the #define macros in implementation
files instead of public header files
* Wed Jul 14 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.beta1.2
- Removes unused patch dual-abi.patch
* Wed Jul 14 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.beta1.1
- Update to Beta1 version
- Includes a patch to support dual-ABI, as Beta1 brekas ABI with alpha16
* Tue Jul 06 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.alpha16.7
- Fixes override of openssl_conf in openssl.cnf
- Use AI_ADDRCONFIG only when explicit host name is given
- Temporarily remove fipsmodule.cnf for arch i686
- Fixes segmentation fault in BN_lebin2bn
- Resolves: rhbz#1975847, rhbz#1976845, rhbz#1973477, rhbz#1975855
* Fri Jul 02 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.alpha16.6
- Adds FIPS mode compatibility patch (sahana@redhat.com)
- Related: rhbz#1977318
* Fri Jul 02 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.alpha16.5
- Fixes system hang issue when booted in FIPS mode (sahana@redhat.com)
- Temporarily disable downstream FIPS patches
- Related: rhbz#1977318
* Fri Jun 11 2021 Mohan Boddu <mboddu@redhat.com> 3.0.0-0.alpha16.4
- Speeding up building openssl (dbelyavs@redhat.com)
Resolves: rhbz#1903209
* Fri Jun 04 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.alpha16.3
- Fix reading SPKAC data from stdin
- Fix incorrect OSSL_PKEY_PARAM_MAX_SIZE for ed25519 and ed448
- Return 0 after cleanup in OPENSSL_init_crypto()
- Cleanup the peer point formats on regotiation
- Fix default digest to SHA256
* Thu May 27 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.alpha16.2
- Enable FIPS via config options
* Mon May 17 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.alpha16.1
- Update to alpha 16 version
Resolves: rhbz#1952901 openssl sends alert after orderly connection close
* Mon Apr 26 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.alpha15.1
- Update to alpha 15 version
Resolves: rhbz#1903209, rhbz#1952598,
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1:3.0.0-0.alpha13.1.1
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Fri Apr 09 2021 Sahana Prasad <sahana@redhat.com> 3.0.0-0.alpha13.1
- Update to new major release OpenSSL 3.0.0 alpha 13
Resolves: rhbz#1903209
/usr/lib/debug /usr/lib/debug/.build-id /usr/lib/debug/.build-id/86 /usr/lib/debug/.build-id/86/c333e9865af54ea73b3033988e3094a05ddf6b /usr/lib/debug/.build-id/86/c333e9865af54ea73b3033988e3094a05ddf6b.debug /usr/lib/debug/.dwz /usr/lib/debug/.dwz/openssl3-3.0.7-5.el8.1.x86_64 /usr/lib/debug/usr /usr/lib/debug/usr/bin /usr/lib/debug/usr/bin/openssl3-3.0.7-5.el8.1.x86_64.debug
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Apr 23 02:04:19 2024