Format: 1.8
Date: Wed, 20 Jun 2018 07:38:22 -0400
Source: openssl
Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg
Architecture: armhf armhf_translations
Version: 1.0.2g-1ubuntu4.13
Distribution: xenial
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-arm64-008.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 libcrypto1.0.0-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl-doc - Secure Sockets Layer toolkit - development documentation
 libssl1.0.0 - Secure Sockets Layer toolkit - shared libraries
 libssl1.0.0-dbg - Secure Sockets Layer toolkit - debug information
 libssl1.0.0-udeb - ssl shared library - udeb (udeb)
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
Changes:
 openssl (1.0.2g-1ubuntu4.13) xenial-security; urgency=medium
 .
   * SECURITY UPDATE: ECDSA key extraction side channel
     - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA
       signature in crypto/ecdsa/ecdsatest.c, crypto/ecdsa/ecs_ossl.c.
     - CVE-2018-0495
   * SECURITY UPDATE: denial of service via long prime values
     - debian/patches/CVE-2018-0732.patch: reject excessively large primes
       in DH key generation in crypto/dh/dh_key.c.
     - CVE-2018-0732
   * SECURITY UPDATE: RSA cache timing side channel attack
     (previous update was incomplete)
     - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in
       crypto/rsa/rsa_gen.c.
     - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in
       crypto/rsa/rsa_gen.c.
     - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in
       crypto/rsa/rsa_gen.c.
     - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and
       BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in
       crypto/rsa/rsa_gen.c.
     - CVE-2018-0737
Checksums-Sha1:
 f5e456093f5bec10af4ab14165a57ce9c2a7930f 938 libcrypto1.0.0-udeb-dbgsym_1.0.2g-1ubuntu4.13_armhf.ddeb
 645ad0a5b4fc7e622bc348f14d100cebc4703f29 513244 libcrypto1.0.0-udeb_1.0.2g-1ubuntu4.13_armhf.udeb
 f0adb8ef7d78f322b4079e0b71913b2c83811c49 924 libssl-dev-dbgsym_1.0.2g-1ubuntu4.13_armhf.ddeb
 d9ccb92932479a5ee8d7915e9c623d835eccb019 980728 libssl-dev_1.0.2g-1ubuntu4.13_armhf.deb
 08b5fc0c0f657ae47e8fc8f85f5a173b7a94b8a3 2585276 libssl1.0.0-dbg_1.0.2g-1ubuntu4.13_armhf.deb
 84344634507c97a11964575199d55784ea785560 902 libssl1.0.0-dbgsym_1.0.2g-1ubuntu4.13_armhf.ddeb
 f012d37b82f6f2cae7633bba110bba6426ccd1b6 820 libssl1.0.0-udeb-dbgsym_1.0.2g-1ubuntu4.13_armhf.ddeb
 00123bee6c791c16a5505ec73634f741e0aba488 114006 libssl1.0.0-udeb_1.0.2g-1ubuntu4.13_armhf.udeb
 7f6f33ee9caaa56c3f5e9543a8411f9ffba9fb5e 710626 libssl1.0.0_1.0.2g-1ubuntu4.13_armhf.deb
 87d3fe2017caaa3ed080861944c2221d82f83392 1060 openssl-dbgsym_1.0.2g-1ubuntu4.13_armhf.ddeb
 b69a5dec6611310eebc853bc7df3e4dc99d86f34 486034 openssl_1.0.2g-1ubuntu4.13_armhf.deb
 b36b1e59b6c1444307ab7d8c99cea6284b9a4369 20575 openssl_1.0.2g-1ubuntu4.13_armhf_translations.tar.gz
Checksums-Sha256:
 cb51343efd2d5cb595f17f79298493c1e935baacc28b94f30116b2227295514d 938 libcrypto1.0.0-udeb-dbgsym_1.0.2g-1ubuntu4.13_armhf.ddeb
 7946c576ab596798412e94133de49c99bbd0aa51aaadf8ff49f83e136c16810f 513244 libcrypto1.0.0-udeb_1.0.2g-1ubuntu4.13_armhf.udeb
 944c871f5ff978a9ea16fc263fb38a8edda0151d9ded2c5fee4786806d9fcbd6 924 libssl-dev-dbgsym_1.0.2g-1ubuntu4.13_armhf.ddeb
 a088efde9b30cad9802b1068d7caa7725c5aef8e2043df3857527930b1731e9a 980728 libssl-dev_1.0.2g-1ubuntu4.13_armhf.deb
 bbef4f80cb3b9c4a1f9c59bb0619157d28ccf93962e384c57bfe9ba8a35fe6a8 2585276 libssl1.0.0-dbg_1.0.2g-1ubuntu4.13_armhf.deb
 9920c1588d60d34feb14aeaf86baade80fcc7a07d73845e692c6683107b76628 902 libssl1.0.0-dbgsym_1.0.2g-1ubuntu4.13_armhf.ddeb
 f249c2b8dd7c181369c9e4683fa8e5389fb953f95180f60b17584680d881c890 820 libssl1.0.0-udeb-dbgsym_1.0.2g-1ubuntu4.13_armhf.ddeb
 7d43a52b5ecf5aa7532808e1fa72535b6281f26a3ff57f63e68c41717ca1a2fd 114006 libssl1.0.0-udeb_1.0.2g-1ubuntu4.13_armhf.udeb
 74d166cbf3a0b767d1f7be2ce02ca3a097962c132c9cae0e81666f2ae2bed9aa 710626 libssl1.0.0_1.0.2g-1ubuntu4.13_armhf.deb
 3740c8298f70fdf6fb0de1821baf9f41159b2ed43069e71caf8aa416b3d88838 1060 openssl-dbgsym_1.0.2g-1ubuntu4.13_armhf.ddeb
 7bc419e5894036198d80489c448ab6c1b343c847d615b03321f07c94320a2a67 486034 openssl_1.0.2g-1ubuntu4.13_armhf.deb
 c5454f0f466339d62c8325f4e4e8e983c438fa17a7da8273424774f34baaab0b 20575 openssl_1.0.2g-1ubuntu4.13_armhf_translations.tar.gz
Files:
 b4e46a7b1fc3f3139ab6db8427c18580 938 debian-installer extra libcrypto1.0.0-udeb-dbgsym_1.0.2g-1ubuntu4.13_armhf.ddeb
 9c203292d13a38ec9799e0af51085b8c 513244 debian-installer optional libcrypto1.0.0-udeb_1.0.2g-1ubuntu4.13_armhf.udeb
 7a547dee05e9158bdd90344994af8545 924 libdevel extra libssl-dev-dbgsym_1.0.2g-1ubuntu4.13_armhf.ddeb
 9e86f240d789028ffd54833341d5859f 980728 libdevel optional libssl-dev_1.0.2g-1ubuntu4.13_armhf.deb
 deef045fd07d3a936f741aaebfc6bfd3 2585276 debug extra libssl1.0.0-dbg_1.0.2g-1ubuntu4.13_armhf.deb
 67d3e89a8cedba0044ca0b3829736ce6 902 libs extra libssl1.0.0-dbgsym_1.0.2g-1ubuntu4.13_armhf.ddeb
 8b1147f604ae91ac758278f17f7fa322 820 debian-installer extra libssl1.0.0-udeb-dbgsym_1.0.2g-1ubuntu4.13_armhf.ddeb
 35135c3cb30a84c87d3cc4fc820986c4 114006 debian-installer optional libssl1.0.0-udeb_1.0.2g-1ubuntu4.13_armhf.udeb
 4545ee1f3c7a05e17228c5457e3fe157 710626 libs important libssl1.0.0_1.0.2g-1ubuntu4.13_armhf.deb
 799d3b540f89e53a63bd78676d655688 1060 utils extra openssl-dbgsym_1.0.2g-1ubuntu4.13_armhf.ddeb
 2bf5ba1c70fb4bb6cb05d2edb5b1642b 486034 utils optional openssl_1.0.2g-1ubuntu4.13_armhf.deb
 59779017504936b7574ee325f433ad8a 20575 raw-translations - openssl_1.0.2g-1ubuntu4.13_armhf_translations.tar.gz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
Package-Type: udeb