Format: 1.8
Date: Thu, 19 Mar 2015 10:07:13 -0400
Source: openssl
Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg
Architecture: powerpc powerpc_translations
Version: 1.0.1f-1ubuntu11
Distribution: vivid-proposed
Urgency: medium
Maintainer: Ubuntu Build Daemon <buildd@denneed01.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 libcrypto1.0.0-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl-doc - Secure Sockets Layer toolkit - development documentation
 libssl1.0.0 - Secure Sockets Layer toolkit - shared libraries
 libssl1.0.0-dbg - Secure Sockets Layer toolkit - debug information
 libssl1.0.0-udeb - ssl shared library - udeb (udeb)
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
Changes:
 openssl (1.0.1f-1ubuntu11) vivid; urgency=medium
 .
   * SECURITY UPDATE: denial of service and possible memory corruption via
     malformed EC private key
     - debian/patches/CVE-2015-0209.patch: fix use after free in
       crypto/ec/ec_asn1.c.
     - debian/patches/CVE-2015-0209-2.patch: fix a failure to NULL a pointer
       freed on error in crypto/asn1/x_x509.c, crypto/ec/ec_asn1.c.
     - CVE-2015-0209
   * SECURITY UPDATE: denial of service via cert verification
     - debian/patches/CVE-2015-0286.patch: handle boolean types in
       crypto/asn1/a_type.c.
     - CVE-2015-0286
   * SECURITY UPDATE: ASN.1 structure reuse memory corruption
     - debian/patches/CVE-2015-0287.patch: free up structures in
       crypto/asn1/tasn_dec.c.
     - CVE-2015-0287
   * SECURITY UPDATE: denial of service via invalid certificate key
     - debian/patches/CVE-2015-0288.patch: check public key isn't NULL in
       crypto/x509/x509_req.c.
     - CVE-2015-0288
   * SECURITY UPDATE: denial of service and possible code execution via
     PKCS#7 parsing
     - debian/patches/CVE-2015-0289.patch: handle missing content in
       crypto/pkcs7/pk7_doit.c, crypto/pkcs7/pk7_lib.c.
     - CVE-2015-0289
   * SECURITY UPDATE: denial of service or memory corruption via base64
     decoding
     - debian/patches/CVE-2015-0292.patch: prevent underflow in
       crypto/evp/encode.c.
     - CVE-2015-0292
   * SECURITY UPDATE: denial of service via assert in SSLv2 servers
     - debian/patches/CVE-2015-0293.patch: check key lengths in
       ssl/s2_lib.c, ssl/s2_srvr.c.
     - debian/patches/CVE-2015-0293-2.patch: fix unsigned/signed warnings in
       ssl/s2_srvr.c.
     - CVE-2015-0293
Checksums-Sha1:
 5cda422f4656a17263d3ce3c598fde77ee9b91dc 467020 openssl_1.0.1f-1ubuntu11_powerpc.deb
 4801156f8b215d9c0e812c32fddd5575f3e08a9e 698300 libssl1.0.0_1.0.1f-1ubuntu11_powerpc.deb
 beaf981d59bf74b7fc222d20244902769c0b5cae 507334 libcrypto1.0.0-udeb_1.0.1f-1ubuntu11_powerpc.udeb
 e093e339ce272407034fa11105eb3fe8748fe44c 106170 libssl1.0.0-udeb_1.0.1f-1ubuntu11_powerpc.udeb
 1ad93c5272eeb9e4fae8f085a7564e1fd2fe9bd6 946166 libssl-dev_1.0.1f-1ubuntu11_powerpc.deb
 0353be6c0464f60b2bba1f12a1fada6e57c0370c 2712180 libssl1.0.0-dbg_1.0.1f-1ubuntu11_powerpc.deb
 bd9fe0943cb4800b86a310de1cdd149757fb2377 20613 openssl_1.0.1f-1ubuntu11_powerpc_translations.tar.gz
Checksums-Sha256:
 d1cda20c0336d402161790d6167c68e59c0fcd22a8504afc0307262400708010 467020 openssl_1.0.1f-1ubuntu11_powerpc.deb
 9cd16279cbed5e30fe18662ee3d38a713b4b98774a95042f975b2f2c00f2203d 698300 libssl1.0.0_1.0.1f-1ubuntu11_powerpc.deb
 8f2c531e510f70fd3f9099a97d585e941e4dfffe1f24ac4b672d490ac5505e84 507334 libcrypto1.0.0-udeb_1.0.1f-1ubuntu11_powerpc.udeb
 1b4cae2aa6be0985a90c7054f0d2969063633ab2ff6135766a594fcffc1b4c41 106170 libssl1.0.0-udeb_1.0.1f-1ubuntu11_powerpc.udeb
 b33f13a8fd312b779d4bcfaad581147d6548cd8761231523a474694d830c1cd9 946166 libssl-dev_1.0.1f-1ubuntu11_powerpc.deb
 ef64ad87c524899305c57ae5397136d69d513da85fa8f79c97a861a9054779ad 2712180 libssl1.0.0-dbg_1.0.1f-1ubuntu11_powerpc.deb
 2e754eb220f588e1d0336f36b862adf914cef2ead89f9490b844493087afd2bb 20613 openssl_1.0.1f-1ubuntu11_powerpc_translations.tar.gz
Files:
 71f9628c3a8edefa78bed95a4d8ab049 467020 utils optional openssl_1.0.1f-1ubuntu11_powerpc.deb
 d2cabf8f5b2ab4e7930cddee1d547091 698300 libs important libssl1.0.0_1.0.1f-1ubuntu11_powerpc.deb
 25b434d95981de847a9fed9541cd144d 507334 debian-installer optional libcrypto1.0.0-udeb_1.0.1f-1ubuntu11_powerpc.udeb
 d567d3998d6cf03f6913d8e8ef0db9bd 106170 debian-installer optional libssl1.0.0-udeb_1.0.1f-1ubuntu11_powerpc.udeb
 ad6d370036b51c46d54b40bc9e405677 946166 libdevel optional libssl-dev_1.0.1f-1ubuntu11_powerpc.deb
 54f0acdc6a55a25dafe3aabb1d2a22a0 2712180 debug extra libssl1.0.0-dbg_1.0.1f-1ubuntu11_powerpc.deb
 ec728ebcebef127c49cb97429d2c75ab 20613 raw-translations - openssl_1.0.1f-1ubuntu11_powerpc_translations.tar.gz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
Package-Type: udeb