Format: 1.8 Date: Wed, 20 Jun 2018 07:57:40 -0400 Source: openssl Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg Architecture: powerpc powerpc_translations Version: 1.0.1f-1ubuntu2.26 Distribution: trusty Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libcrypto1.0.0-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb) libssl-dev - Secure Sockets Layer toolkit - development files libssl-doc - Secure Sockets Layer toolkit - development documentation libssl1.0.0 - Secure Sockets Layer toolkit - shared libraries libssl1.0.0-dbg - Secure Sockets Layer toolkit - debug information libssl1.0.0-udeb - ssl shared library - udeb (udeb) openssl - Secure Sockets Layer toolkit - cryptographic utility Changes: openssl (1.0.1f-1ubuntu2.26) trusty-security; urgency=medium . * SECURITY UPDATE: ECDSA key extraction side channel - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA signature in crypto/ecdsa/ecdsatest.c, crypto/ecdsa/ecs_ossl.c. - CVE-2018-0495 * SECURITY UPDATE: denial of service via long prime values - debian/patches/CVE-2018-0732.patch: reject excessively large primes in DH key generation in crypto/dh/dh_key.c. - CVE-2018-0732 * SECURITY UPDATE: RSA cache timing side channel attack (previous update was incomplete) - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in crypto/rsa/rsa_gen.c. - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in crypto/rsa/rsa_gen.c. - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in crypto/rsa/rsa_gen.c. - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in crypto/rsa/rsa_gen.c. - CVE-2018-0737 Checksums-Sha1: ab644a758d77ca1b79cb5bb52c1d0cea76d8709f 466944 openssl_1.0.1f-1ubuntu2.26_powerpc.deb 0957a4352ec65c78b1c9ea4e7dcbc3fa795baa14 691698 libssl1.0.0_1.0.1f-1ubuntu2.26_powerpc.deb 14a3fe24a835750fc5632689ca895334f3a00852 505480 libcrypto1.0.0-udeb_1.0.1f-1ubuntu2.26_powerpc.udeb 8af8ded27cdc1bfe732bd8b2ae813cb39bcc994f 106240 libssl1.0.0-udeb_1.0.1f-1ubuntu2.26_powerpc.udeb 5891afd79f53523f8f9eff187f6a543b29856ec0 945654 libssl-dev_1.0.1f-1ubuntu2.26_powerpc.deb 4849104fb50c4f80d35b194b8004d3df20c63178 2697088 libssl1.0.0-dbg_1.0.1f-1ubuntu2.26_powerpc.deb fdd310d90bd340d832c731b040a25ec05b8f7fda 1062 openssl-dbgsym_1.0.1f-1ubuntu2.26_powerpc.ddeb fdd4674cadd4da70784880c562296b98a1301ea5 902 libssl1.0.0-dbgsym_1.0.1f-1ubuntu2.26_powerpc.ddeb fd47f6ed3840108928b4adba18df8bcd4d003c9f 938 libcrypto1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.26_powerpc.ddeb c5c1e6cb25ab6fbaf0400331387759fd5db868e8 822 libssl1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.26_powerpc.ddeb 28b8b12fbf7c0553c748901db28fb7a42f045c9d 926 libssl-dev-dbgsym_1.0.1f-1ubuntu2.26_powerpc.ddeb 920a77b98a3666c9fe61c65a0a4280621967d14e 20331 openssl_1.0.1f-1ubuntu2.26_powerpc_translations.tar.gz Checksums-Sha256: 4ec008b8cfa224dae2dad79ffdb244c8da36c240d9e822329d4475ab7cb2d1b8 466944 openssl_1.0.1f-1ubuntu2.26_powerpc.deb 98eb715b3092728a62dda360783721bb4aeee9efed11d8a6ea79529e79883a63 691698 libssl1.0.0_1.0.1f-1ubuntu2.26_powerpc.deb e822a2f8e62530d7ea005734a0f9dad5f17adccf5d5abf64b0e765d2b671f3e6 505480 libcrypto1.0.0-udeb_1.0.1f-1ubuntu2.26_powerpc.udeb a4b1c901ecbecb13adff4dbaf9a48ab4150b14572a14129a87a0cf5c15f28aa4 106240 libssl1.0.0-udeb_1.0.1f-1ubuntu2.26_powerpc.udeb 7638416e00abc90c40b30d7b22cd681b8d096d3cfaa6f99d88d1432880169d5e 945654 libssl-dev_1.0.1f-1ubuntu2.26_powerpc.deb 045002086e16c013b325d49c24c6819d80bfa9c436eec6a24bdc53a5412aa489 2697088 libssl1.0.0-dbg_1.0.1f-1ubuntu2.26_powerpc.deb b75e039d73daf9bd8023e1e4965dc30209f43284e80a8eb8c259cc52c91455e3 1062 openssl-dbgsym_1.0.1f-1ubuntu2.26_powerpc.ddeb 0ff3cf6a7423fb3c9cbfbafc26c0ca0cb0eca1defd94ae150d9e5a530fc8ccf7 902 libssl1.0.0-dbgsym_1.0.1f-1ubuntu2.26_powerpc.ddeb fbfbb99a7f0af99c06991e5e4b29016d902e86e34aa1065dd8833197c0fb87da 938 libcrypto1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.26_powerpc.ddeb 35ef5fe690bc8c4f47e21c2011c74a0d8b6df268e615fac55271ddf35a93a10b 822 libssl1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.26_powerpc.ddeb 024b19ef8a4a711add0f0088417027103772a5ee0751eb1f8a04b069bb67e8ed 926 libssl-dev-dbgsym_1.0.1f-1ubuntu2.26_powerpc.ddeb 3aa5108cea0a02bc4c66169038abe3e8019b404940139c46a25309b1d0de1c27 20331 openssl_1.0.1f-1ubuntu2.26_powerpc_translations.tar.gz Files: 05a58a92ea697bee0a4b9fa260138bbf 466944 utils optional openssl_1.0.1f-1ubuntu2.26_powerpc.deb e775cd2c2c71f21eca0f5b980077c8b7 691698 libs important libssl1.0.0_1.0.1f-1ubuntu2.26_powerpc.deb dd3245621a3501ea277fa3f91c16daa5 505480 debian-installer optional libcrypto1.0.0-udeb_1.0.1f-1ubuntu2.26_powerpc.udeb 2f3ddbd8bb3c02ca1f7545f3b552f061 106240 debian-installer optional libssl1.0.0-udeb_1.0.1f-1ubuntu2.26_powerpc.udeb c749157d95afbefe95cbaa558b64443c 945654 libdevel optional libssl-dev_1.0.1f-1ubuntu2.26_powerpc.deb b5b301a3b98f98eb22ff0930fdd717f1 2697088 debug extra libssl1.0.0-dbg_1.0.1f-1ubuntu2.26_powerpc.deb 45d558e39b48b27787cff146a67e7358 1062 utils extra openssl-dbgsym_1.0.1f-1ubuntu2.26_powerpc.ddeb 920107de34a92007bcb5f18a270f4261 902 libs extra libssl1.0.0-dbgsym_1.0.1f-1ubuntu2.26_powerpc.ddeb f36f0600dcaa6bec3f8002a17f953b5d 938 debian-installer extra libcrypto1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.26_powerpc.ddeb 8da6d5ace92e8d96f2acc4cf5f0768df 822 debian-installer extra libssl1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.26_powerpc.ddeb 7fedd78cf4411becc407c5562bfcc33b 926 libdevel extra libssl-dev-dbgsym_1.0.1f-1ubuntu2.26_powerpc.ddeb 0c42a6b3f25b33acc2f03038ddedd773 20331 raw-translations - openssl_1.0.1f-1ubuntu2.26_powerpc_translations.tar.gz Original-Maintainer: Debian OpenSSL Team Package-Type: udeb