Format: 1.8 Date: Wed, 15 Oct 2014 12:56:03 -0400 Source: openssl Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg Architecture: arm64 arm64_translations Version: 1.0.1f-1ubuntu2.7 Distribution: trusty Urgency: medium Maintainer: Ubuntu Build Daemon Changed-By: Marc Deslauriers Description: libcrypto1.0.0-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb) libssl-dev - Secure Sockets Layer toolkit - development files libssl-doc - Secure Sockets Layer toolkit - development documentation libssl1.0.0 - Secure Sockets Layer toolkit - shared libraries libssl1.0.0-dbg - Secure Sockets Layer toolkit - debug information libssl1.0.0-udeb - ssl shared library - udeb (udeb) openssl - Secure Sockets Layer toolkit - cryptographic utility Changes: openssl (1.0.1f-1ubuntu2.7) trusty-security; urgency=medium . * SECURITY UPDATE: denial of service via DTLS SRTP memory leak - debian/patches/CVE-2014-3513.patch: fix logic in ssl/d1_srtp.c, ssl/srtp.h, ssl/t1_lib.c, util/mk1mf.pl, util/mkdef.pl, util/ssleay.num. - CVE-2014-3513 * SECURITY UPDATE: denial of service via session ticket integrity check memory leak - debian/patches/CVE-2014-3567.patch: perform cleanup in ssl/t1_lib.c. - CVE-2014-3567 * SECURITY UPDATE: fix the no-ssl3 build option - debian/patches/CVE-2014-3568.patch: fix conditional code in ssl/s23_clnt.c, ssl/s23_srvr.c. - CVE-2014-3568 * SECURITY IMPROVEMENT: Added TLS_FALLBACK_SCSV support to mitigate a protocol downgrade attack to SSLv3 that exposes the POODLE attack. - debian/patches/tls_fallback_scsv_support.patch: added support for TLS_FALLBACK_SCSV in apps/s_client.c, crypto/err/openssl.ec, ssl/d1_lib.c, ssl/dtls1.h, ssl/s23_clnt.c, ssl/s23_srvr.c, ssl/s2_lib.c, ssl/s3_enc.c, ssl/s3_lib.c, ssl/ssl.h, ssl/ssl3.h, ssl/ssl_err.c, ssl/ssl_lib.c, ssl/t1_enc.c, ssl/tls1.h, doc/apps/s_client.pod, doc/ssl/SSL_CTX_set_mode.pod. Checksums-Sha1: 1ab4030a85b0ace41a7c0b4fe609fcad88aedd72 475844 openssl_1.0.1f-1ubuntu2.7_arm64.deb d6bed85f8c6cf181d130dd81b623158b2eeb50f4 656122 libssl1.0.0_1.0.1f-1ubuntu2.7_arm64.deb e96c6ce3ff13b934c980df10057c31687ef7a176 477458 libcrypto1.0.0-udeb_1.0.1f-1ubuntu2.7_arm64.udeb d634e8f5f7af063133029386e8b4b490d5011167 99910 libssl1.0.0-udeb_1.0.1f-1ubuntu2.7_arm64.udeb d4a6dc6eb45b332a6fcc18482219be3bfb98aef8 944756 libssl-dev_1.0.1f-1ubuntu2.7_arm64.deb 91de9626f79e667e9bb380bbbf928e8203fe03e4 2676026 libssl1.0.0-dbg_1.0.1f-1ubuntu2.7_arm64.deb 12d96bba9f0833cf902bc1f02b18d8aa4b2e7705 20953 openssl_1.0.1f-1ubuntu2.7_arm64_translations.tar.gz Checksums-Sha256: 9bdae4004cbf31bb4f37cb38acb925814541e6c446956f6e4bcfbcf6d7ae2659 475844 openssl_1.0.1f-1ubuntu2.7_arm64.deb 57a19eba8a0a733a060f823333666be49f80a7fde55f58fed5102d07f1c5c9ef 656122 libssl1.0.0_1.0.1f-1ubuntu2.7_arm64.deb f8f968a360335c76bf2c84307b613d6037cc93b6e03042be4d69809ba1d3f3e2 477458 libcrypto1.0.0-udeb_1.0.1f-1ubuntu2.7_arm64.udeb 1fcf0d5ba1e711eaf3e397951df458ef838c8b67f6d05d3564ea0dea513013e9 99910 libssl1.0.0-udeb_1.0.1f-1ubuntu2.7_arm64.udeb 37d07eee4ac4bc6107e8d3cf3fbc9c30b9c5d9f398d91925459c382d4bdae1b9 944756 libssl-dev_1.0.1f-1ubuntu2.7_arm64.deb dd3df085cb8923a840b3b933b1231b392a8318f49d0fd42298d22e4fae69e289 2676026 libssl1.0.0-dbg_1.0.1f-1ubuntu2.7_arm64.deb 3109b2746c42380102341dba67b60c0f25adddb1a4b8e674992c97679f43d1a1 20953 openssl_1.0.1f-1ubuntu2.7_arm64_translations.tar.gz Files: a35ba733cde4dabf91479a631dd22794 475844 utils optional openssl_1.0.1f-1ubuntu2.7_arm64.deb d6f1849673c155651594f38d68c4cffe 656122 libs important libssl1.0.0_1.0.1f-1ubuntu2.7_arm64.deb d5eaf4b98afff0745257057ce00db6cd 477458 debian-installer optional libcrypto1.0.0-udeb_1.0.1f-1ubuntu2.7_arm64.udeb d7ddf00bda085285f27036e46d77e95e 99910 debian-installer optional libssl1.0.0-udeb_1.0.1f-1ubuntu2.7_arm64.udeb 8fc1b6b228d776407a235113638f443c 944756 libdevel optional libssl-dev_1.0.1f-1ubuntu2.7_arm64.deb 19e56bb230061d2b4c1f559a5a355569 2676026 debug extra libssl1.0.0-dbg_1.0.1f-1ubuntu2.7_arm64.deb 765f34d815dd55dcb3044151556c7cfd 20953 raw-translations - openssl_1.0.1f-1ubuntu2.7_arm64_translations.tar.gz Original-Maintainer: Debian OpenSSL Team Package-Type: udeb