Format: 1.8 Date: Wed, 27 May 2020 15:04:47 -0400 Source: openssl Binary: libcrypto1.1-udeb libssl-dev libssl1.1 libssl1.1-udeb openssl Architecture: armhf armhf_translations Version: 1.1.1c-1ubuntu4.1 Distribution: eoan Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libcrypto1.1-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb) libssl-dev - Secure Sockets Layer toolkit - development files libssl1.1 - Secure Sockets Layer toolkit - shared libraries libssl1.1-udeb - ssl shared library - udeb (udeb) openssl - Secure Sockets Layer toolkit - cryptographic utility Changes: openssl (1.1.1c-1ubuntu4.1) eoan-security; urgency=medium . * SECURITY UPDATE: ECDSA remote timing attack - debian/patches/CVE-2019-1547.patch: for ECC parameters with NULL or zero cofactor, compute it in crypto/ec/ec_lib.c. - CVE-2019-1547 * SECURITY UPDATE: Fork Protection - debian/patches/CVE-2019-1549.patch: ensure fork-safety without using a pthread_atfork handler in crypto/include/internal/rand_int.h, crypto/init.c, crypto/rand/drbg_lib.c, crypto/rand/rand_lcl.h, crypto/rand/rand_lib.c, crypto/threads_none.c, crypto/threads_pthread.c, crypto/threads_win.c, include/internal/cryptlib.h, test/drbgtest.c. - CVE-2019-1549 * SECURITY UPDATE: rsaz_512_sqr overflow bug on x86_64 - debian/patches/CVE-2019-1551.patch: fix an overflow bug in rsaz_512_sqr in crypto/bn/asm/rsaz-x86_64.pl. - CVE-2019-1551 * SECURITY UPDATE: Padding Oracle issue - debian/patches/CVE-2019-1563.patch: fix a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey in crypto/cms/cms_env.c, crypto/cms/cms_lcl.h, crypto/cms/cms_smime.c, crypto/pkcs7/pk7_doit.c. - CVE-2019-1563 Checksums-Sha1: 5354b9a06b6eef8a609cc2a751cd5bfdf3eb3204 885396 libcrypto1.1-udeb_1.1.1c-1ubuntu4.1_armhf.udeb 68f6e27d88039fd32c86a71acd0fc9801d47b188 1375964 libssl-dev_1.1.1c-1ubuntu4.1_armhf.deb 045a0075985d910037cc24be5b4a7709806fda38 3802720 libssl1.1-dbgsym_1.1.1c-1ubuntu4.1_armhf.ddeb bad3ae07e090e658c2aa1530a92ec88380f68bb2 155664 libssl1.1-udeb_1.1.1c-1ubuntu4.1_armhf.udeb 525d8f3ece481e07ba096682ffd16861916ec8ee 1076956 libssl1.1_1.1.1c-1ubuntu4.1_armhf.deb 309ef9c2645ebc4e1e88bc74050de404d5edb775 617392 openssl-dbgsym_1.1.1c-1ubuntu4.1_armhf.ddeb 4772a3679ce156289e9fcfc6fba0dc8caaec9605 6921 openssl_1.1.1c-1ubuntu4.1_armhf.buildinfo 2520024f16b5639c7b90c4cc4312a57d3622bfed 596252 openssl_1.1.1c-1ubuntu4.1_armhf.deb 55c7805df5e22ee63ee7e25a4cd12e3d038ca4ea 26699 openssl_1.1.1c-1ubuntu4.1_armhf_translations.tar.gz Checksums-Sha256: 2c07fb7b6469946353c307a509bc6eca58b8b503c30405f19eb109378448bf97 885396 libcrypto1.1-udeb_1.1.1c-1ubuntu4.1_armhf.udeb c0037af17c301c06d7b96e63086f66b1bc551781e1d33b59eb3ce174ca20d69a 1375964 libssl-dev_1.1.1c-1ubuntu4.1_armhf.deb eaedd06a715632eb9cb5221e4bb718dd9a518d336ca46bfd92072d034840a1c9 3802720 libssl1.1-dbgsym_1.1.1c-1ubuntu4.1_armhf.ddeb 23bb39d6c70d81f7af8581369fd790dc92471d50c20a0dd24dbefddd8bf6ea37 155664 libssl1.1-udeb_1.1.1c-1ubuntu4.1_armhf.udeb 67b9b810020dca9f7f6d93599b110a52b084328da5ea1844bb71dff4ccb3dc6c 1076956 libssl1.1_1.1.1c-1ubuntu4.1_armhf.deb 70d7fd9aecaf61a6036af1d88ad690395163b18ff1d29d046b5b91b7429b6e1f 617392 openssl-dbgsym_1.1.1c-1ubuntu4.1_armhf.ddeb 7f6215a3064be937a1b17bf3817b1cc0c7121f04ec954981591b32fe51663611 6921 openssl_1.1.1c-1ubuntu4.1_armhf.buildinfo 007cf6ca43036440a233fe7a7c147de1896b1f0909f5d53e7adc1d14017b2bad 596252 openssl_1.1.1c-1ubuntu4.1_armhf.deb 9ab52fc1e710c308a327d2b4d14c13ca411be31034b1fad8ac9156168b7c38aa 26699 openssl_1.1.1c-1ubuntu4.1_armhf_translations.tar.gz Files: b563a5292ea49dc29b8399d106a14c76 885396 debian-installer optional libcrypto1.1-udeb_1.1.1c-1ubuntu4.1_armhf.udeb da97edbdab7dd4a86322cccbdd5834b2 1375964 libdevel optional libssl-dev_1.1.1c-1ubuntu4.1_armhf.deb 88c505ec8d94d8782b6bbabba0c18f33 3802720 debug optional libssl1.1-dbgsym_1.1.1c-1ubuntu4.1_armhf.ddeb b968614ec40df2fecbf9e7ccb016943c 155664 debian-installer optional libssl1.1-udeb_1.1.1c-1ubuntu4.1_armhf.udeb dc8cda0563d7606d358d4de43a85cbf6 1076956 libs optional libssl1.1_1.1.1c-1ubuntu4.1_armhf.deb 69b4c3063e4bb868d0df4a5272130618 617392 debug optional openssl-dbgsym_1.1.1c-1ubuntu4.1_armhf.ddeb 06d2200ff125252f9d2d3552d3d92c0d 6921 utils optional openssl_1.1.1c-1ubuntu4.1_armhf.buildinfo da2bed518023c8b438feba038178e684 596252 utils optional openssl_1.1.1c-1ubuntu4.1_armhf.deb 09886dd7c9869c07eea769b5a800ad01 26699 raw-translations - openssl_1.1.1c-1ubuntu4.1_armhf_translations.tar.gz Original-Maintainer: Debian OpenSSL Team