Format: 1.8
Date: Wed, 15 Oct 2014 12:56:03 -0400
Source: openssl
Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg
Architecture: amd64 amd64_translations
Version: 1.0.1f-1ubuntu2.7
Distribution: trusty
Urgency: medium
Maintainer: Ubuntu/amd64 Build Daemon <buildd@batsu.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 libcrypto1.0.0-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl-doc - Secure Sockets Layer toolkit - development documentation
 libssl1.0.0 - Secure Sockets Layer toolkit - shared libraries
 libssl1.0.0-dbg - Secure Sockets Layer toolkit - debug information
 libssl1.0.0-udeb - ssl shared library - udeb (udeb)
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
Changes: 
 openssl (1.0.1f-1ubuntu2.7) trusty-security; urgency=medium
 .
   * SECURITY UPDATE: denial of service via DTLS SRTP memory leak
     - debian/patches/CVE-2014-3513.patch: fix logic in ssl/d1_srtp.c,
       ssl/srtp.h, ssl/t1_lib.c, util/mk1mf.pl, util/mkdef.pl,
       util/ssleay.num.
     - CVE-2014-3513
   * SECURITY UPDATE: denial of service via session ticket integrity check
     memory leak
     - debian/patches/CVE-2014-3567.patch: perform cleanup in ssl/t1_lib.c.
     - CVE-2014-3567
   * SECURITY UPDATE: fix the no-ssl3 build option
     - debian/patches/CVE-2014-3568.patch: fix conditional code in
       ssl/s23_clnt.c, ssl/s23_srvr.c.
     - CVE-2014-3568
   * SECURITY IMPROVEMENT: Added TLS_FALLBACK_SCSV support to mitigate a
     protocol downgrade attack to SSLv3 that exposes the POODLE attack.
     - debian/patches/tls_fallback_scsv_support.patch: added support for
       TLS_FALLBACK_SCSV in apps/s_client.c, crypto/err/openssl.ec,
       ssl/d1_lib.c, ssl/dtls1.h, ssl/s23_clnt.c, ssl/s23_srvr.c,
       ssl/s2_lib.c, ssl/s3_enc.c, ssl/s3_lib.c, ssl/ssl.h, ssl/ssl3.h,
       ssl/ssl_err.c, ssl/ssl_lib.c, ssl/t1_enc.c, ssl/tls1.h,
       doc/apps/s_client.pod, doc/ssl/SSL_CTX_set_mode.pod.
Checksums-Sha1: 
 d215344ff3a92b0452d1080790679e3801384cda 488750 openssl_1.0.1f-1ubuntu2.7_amd64.deb
 82cce99930aed4da575bcec5d624fc1d0bb65170 826506 libssl1.0.0_1.0.1f-1ubuntu2.7_amd64.deb
 df53c74abba830f9cbb69807ca314edf1a356bd1 614752 libcrypto1.0.0-udeb_1.0.1f-1ubuntu2.7_amd64.udeb
 be830a5d813914e037563b55d5d3f933505602b3 123674 libssl1.0.0-udeb_1.0.1f-1ubuntu2.7_amd64.udeb
 e33bb45d65051c0d05dfa896153c4feaf21c6b1f 1071014 libssl-dev_1.0.1f-1ubuntu2.7_amd64.deb
 283cede6a400e7943cf58675ff8eb9542a1be2c1 2653958 libssl1.0.0-dbg_1.0.1f-1ubuntu2.7_amd64.deb
 4d4af9ec08352565c3279b42eb343ba06c79af5c 20215 openssl_1.0.1f-1ubuntu2.7_amd64_translations.tar.gz
Checksums-Sha256: 
 885ce1fa158b1fade25262d0234e0d4d2f411bf573bd50e993a285d0425499c3 488750 openssl_1.0.1f-1ubuntu2.7_amd64.deb
 e2ea7429e7323fb8ac35870d9ed1a26f5dfe7ff82f9c132d23a246519c2ba666 826506 libssl1.0.0_1.0.1f-1ubuntu2.7_amd64.deb
 fb34d321e53ccae7fa70128023138258eedc64283497110ee7ea6765fd108fe2 614752 libcrypto1.0.0-udeb_1.0.1f-1ubuntu2.7_amd64.udeb
 6ad11830398b30a421f10834808e041f54bb873576ac48e8220e9928df3c18ab 123674 libssl1.0.0-udeb_1.0.1f-1ubuntu2.7_amd64.udeb
 3dc539773d2b67d8db984d7b159a2b8ed07674329f6eb471b2a3c67932876394 1071014 libssl-dev_1.0.1f-1ubuntu2.7_amd64.deb
 d62a884b6d8c72d017d82d4aec0b62e15cfc19da74b130c5e8e11f25fe5c7ed7 2653958 libssl1.0.0-dbg_1.0.1f-1ubuntu2.7_amd64.deb
 62813dcba1bb04fa7bbc234f35637b91ea94786c35522dd5f4160e14f8f72b77 20215 openssl_1.0.1f-1ubuntu2.7_amd64_translations.tar.gz
Files: 
 7fda9b72803665f41dadc3de17a3e74e 488750 utils optional openssl_1.0.1f-1ubuntu2.7_amd64.deb
 4dfa6fd99f50ac11d3c8b00a9355ac3a 826506 libs important libssl1.0.0_1.0.1f-1ubuntu2.7_amd64.deb
 1854ac774e39cc11f9f3dc85a23a5271 614752 debian-installer optional libcrypto1.0.0-udeb_1.0.1f-1ubuntu2.7_amd64.udeb
 74fb974d8f88594f3adc877b9dd43c5d 123674 debian-installer optional libssl1.0.0-udeb_1.0.1f-1ubuntu2.7_amd64.udeb
 a6db8d1ab4c1563587d6330b68ace0c3 1071014 libdevel optional libssl-dev_1.0.1f-1ubuntu2.7_amd64.deb
 4027b74cb19a92b1133bb1b138130fad 2653958 debug extra libssl1.0.0-dbg_1.0.1f-1ubuntu2.7_amd64.deb
 7e65716e789b7792e40be13bdf3709e8 20215 raw-translations - openssl_1.0.1f-1ubuntu2.7_amd64_translations.tar.gz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
Package-Type: udeb