Format: 1.8
Date: Thu, 22 Sep 2016 13:38:15 -0400
Source: openssl
Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg
Architecture: arm64 arm64_translations
Version: 1.0.1f-1ubuntu2.20
Distribution: trusty
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos01-arm64-021.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 libcrypto1.0.0-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl-doc - Secure Sockets Layer toolkit - development documentation
 libssl1.0.0 - Secure Sockets Layer toolkit - shared libraries
 libssl1.0.0-dbg - Secure Sockets Layer toolkit - debug information
 libssl1.0.0-udeb - ssl shared library - udeb (udeb)
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
Launchpad-Bugs-Fixed: 1622500
Changes: 
 openssl (1.0.1f-1ubuntu2.20) trusty-security; urgency=medium
 .
   * SECURITY UPDATE: Constant time flag not preserved in DSA signing
     - debian/patches/CVE-2016-2178-*.patch: preserve BN_FLG_CONSTTIME in
       crypto/dsa/dsa_ossl.c.
     - CVE-2016-2178
   * SECURITY UPDATE: DTLS buffered message DoS
     - debian/patches/CVE-2016-2179.patch: fix queue handling in
       ssl/d1_both.c, ssl/d1_clnt.c, ssl/d1_lib.c, ssl/d1_srvr.c,
       ssl/ssl_locl.h.
     - CVE-2016-2179
   * SECURITY UPDATE: OOB read in TS_OBJ_print_bio()
     - debian/patches/CVE-2016-2180.patch: fix text handling in
       crypto/ts/ts_lib.c.
     - CVE-2016-2180
   * SECURITY UPDATE: DTLS replay protection DoS
     - debian/patches/CVE-2016-2181-1.patch: properly handle unprocessed
       records in ssl/d1_pkt.c.
     - debian/patches/CVE-2016-2181-2.patch: protect against replay attacks
       in ssl/d1_pkt.c, ssl/ssl.h, ssl/ssl_err.c.
     - debian/patches/CVE-2016-2181-3.patch: update error code in ssl/ssl.h.
     - CVE-2016-2181
   * SECURITY UPDATE: OOB write in BN_bn2dec()
     - debian/patches/CVE-2016-2182.patch: don't overflow buffer in
       crypto/bn/bn_print.c.
     - CVE-2016-2182
   * SECURITY UPDATE: SWEET32 Mitigation
     - debian/patches/CVE-2016-2183.patch: move DES ciphersuites from HIGH
       to MEDIUM in ssl/s3_lib.c.
     - CVE-2016-2183
   * SECURITY UPDATE: Malformed SHA512 ticket DoS
     - debian/patches/CVE-2016-6302.patch: sanity check ticket length in
       ssl/t1_lib.c.
     - CVE-2016-6302
   * SECURITY UPDATE: OOB write in MDC2_Update()
     - debian/patches/CVE-2016-6303.patch: avoid overflow in
       crypto/mdc2/mdc2dgst.c.
     - CVE-2016-6303
   * SECURITY UPDATE: OCSP Status Request extension unbounded memory growth
     - debian/patches/CVE-2016-6304.patch: remove OCSP_RESPIDs from previous
       handshake in ssl/t1_lib.c.
     - CVE-2016-6304
   * SECURITY UPDATE: Certificate message OOB reads
     - debian/patches/CVE-2016-6306-1.patch: check lengths in ssl/s3_clnt.c,
       ssl/s3_srvr.c.
     - debian/patches/CVE-2016-6306-2.patch: make message buffer slightly
       larger in ssl/d1_both.c, ssl/s3_both.c.
     - CVE-2016-6306
   * SECURITY REGRESSION: DTLS regression (LP: #1622500)
     - debian/patches/CVE-2014-3571-3.patch: make DTLS always act as if
       read_ahead is set in ssl/s3_pkt.c.
   * debian/patches/update-expired-smime-test-certs.patch: Update test
     certificates that have expired and caused build test failures.
Checksums-Sha1: 
 b88720abf9823732def4f81245d840d09702b493 477994 openssl_1.0.1f-1ubuntu2.20_arm64.deb
 9c3bae74e50db4a385f70df0efab3fef8f669522 662500 libssl1.0.0_1.0.1f-1ubuntu2.20_arm64.deb
 dcbd422e29ca05c087cffdd8c2344838d2bda6cb 480790 libcrypto1.0.0-udeb_1.0.1f-1ubuntu2.20_arm64.udeb
 ae726e010aa7203da840e298cf7dd66a536eeff8 101146 libssl1.0.0-udeb_1.0.1f-1ubuntu2.20_arm64.udeb
 4696bae67c585359a6736ba5cd4d0f462c3b092a 953834 libssl-dev_1.0.1f-1ubuntu2.20_arm64.deb
 d51a04a92b50809ea6cadb5d22fecbfd8325a959 2691288 libssl1.0.0-dbg_1.0.1f-1ubuntu2.20_arm64.deb
 65d61f5ead27ecbe459f865d2bb5c7918e23b2a8 1060 openssl-dbgsym_1.0.1f-1ubuntu2.20_arm64.ddeb
 5a5a7067c97239abf21d17fce6e6967550dcfa22 900 libssl1.0.0-dbgsym_1.0.1f-1ubuntu2.20_arm64.ddeb
 be7f69abf222dc0ac445c6dfabf417910abf9071 934 libcrypto1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.20_arm64.ddeb
 ef028da071fa13d604d7719bccfe2d5a572e21a4 820 libssl1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.20_arm64.ddeb
 fa07dd5ecfaa87cc9288f00608797b35efae755e 924 libssl-dev-dbgsym_1.0.1f-1ubuntu2.20_arm64.ddeb
 a8831a0032b41a5ef0233af9df025979d489154f 20653 openssl_1.0.1f-1ubuntu2.20_arm64_translations.tar.gz
Checksums-Sha256: 
 e662dd0050f1eee7043566e7a4b524815bdf36a25c17f2f23c305bb159d99c6e 477994 openssl_1.0.1f-1ubuntu2.20_arm64.deb
 325b4c5b401de9d6a71bbb301bc8c7a94ff7bece8fe0cfd445ba197e37e751b3 662500 libssl1.0.0_1.0.1f-1ubuntu2.20_arm64.deb
 8d6fe4c638d6d9f43a5cce80b1cd31b5bc124494d1e3d48887bbdb7633704aa5 480790 libcrypto1.0.0-udeb_1.0.1f-1ubuntu2.20_arm64.udeb
 452cfb5bf424b3682d09422f3a4772c0efa4e41a9249ef7e91cd12a54fdbf94d 101146 libssl1.0.0-udeb_1.0.1f-1ubuntu2.20_arm64.udeb
 cb3346e73a67198b32a81a7390af10d54fb25f1e4b309c213e0f6e81e80309a0 953834 libssl-dev_1.0.1f-1ubuntu2.20_arm64.deb
 e60e17081a8b2e3794b81b0025333a5ecf851b259ee6e263bbd7a4f3f447e5ab 2691288 libssl1.0.0-dbg_1.0.1f-1ubuntu2.20_arm64.deb
 022a7183299b3295bb0fd5063c2246956eb29c962e758407521bc5b50b510506 1060 openssl-dbgsym_1.0.1f-1ubuntu2.20_arm64.ddeb
 e70498b75ed3df7be98a388366fbb5b367ffbecd93f38c0c65b7d38646e89557 900 libssl1.0.0-dbgsym_1.0.1f-1ubuntu2.20_arm64.ddeb
 a1b90c6b1bcf5afd55bd051a2ff09d15b3b031a4d34067029a2b6c4cbd179a68 934 libcrypto1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.20_arm64.ddeb
 f38853a52366d58f6cdb35753b5df08af2388985b1a8112002273cc43a15a5da 820 libssl1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.20_arm64.ddeb
 b40085b2ac981559950d1bb97ce9291e3ee22c5ec9d02d0bdc498543b39c3ea0 924 libssl-dev-dbgsym_1.0.1f-1ubuntu2.20_arm64.ddeb
 3a1bcdc14971e801564b10de55383101415e556f697baf090f6ff816ea1acf5f 20653 openssl_1.0.1f-1ubuntu2.20_arm64_translations.tar.gz
Files: 
 28daf7581adfa3f9edef2cc7df76c68a 477994 utils optional openssl_1.0.1f-1ubuntu2.20_arm64.deb
 30084946f0199da3582ef7db3173907e 662500 libs important libssl1.0.0_1.0.1f-1ubuntu2.20_arm64.deb
 745f50c2269707d28b2226217c012b6f 480790 debian-installer optional libcrypto1.0.0-udeb_1.0.1f-1ubuntu2.20_arm64.udeb
 8c5037eb4d42214bd25b024abe30e475 101146 debian-installer optional libssl1.0.0-udeb_1.0.1f-1ubuntu2.20_arm64.udeb
 2dcbfc8421b7307e2e155e86e95d8054 953834 libdevel optional libssl-dev_1.0.1f-1ubuntu2.20_arm64.deb
 3f96d442e5a580203d404209cc10e7ea 2691288 debug extra libssl1.0.0-dbg_1.0.1f-1ubuntu2.20_arm64.deb
 ac274eb27ebf98a150257ccfaa3d0bf7 1060 utils extra openssl-dbgsym_1.0.1f-1ubuntu2.20_arm64.ddeb
 54bfe06518a9d32bd33366398b5831d0 900 libs extra libssl1.0.0-dbgsym_1.0.1f-1ubuntu2.20_arm64.ddeb
 189b6a1d1cf724c46bf82bb32f2fe7cb 934 debian-installer extra libcrypto1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.20_arm64.ddeb
 53a7d60e8906d64138ebaadb64dfa56b 820 debian-installer extra libssl1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.20_arm64.ddeb
 c8cdae9bc506bd4fd09daa8866e0dc11 924 libdevel extra libssl-dev-dbgsym_1.0.1f-1ubuntu2.20_arm64.ddeb
 42a0169edba615ac05c6802ab0c62580 20653 raw-translations - openssl_1.0.1f-1ubuntu2.20_arm64_translations.tar.gz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
Package-Type: udeb