Format: 1.8
Date: Thu, 19 Mar 2015 10:04:30 -0400
Source: openssl
Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg
Architecture: ppc64el ppc64el_translations
Version: 1.0.1f-1ubuntu2.11
Distribution: trusty
Urgency: medium
Maintainer: Ubuntu Build Daemon <buildd@fisher04.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 libcrypto1.0.0-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl-doc - Secure Sockets Layer toolkit - development documentation
 libssl1.0.0 - Secure Sockets Layer toolkit - shared libraries
 libssl1.0.0-dbg - Secure Sockets Layer toolkit - debug information
 libssl1.0.0-udeb - ssl shared library - udeb (udeb)
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
Changes: 
 openssl (1.0.1f-1ubuntu2.11) trusty-security; urgency=medium
 .
   * SECURITY UPDATE: denial of service and possible memory corruption via
     malformed EC private key
     - debian/patches/CVE-2015-0209.patch: fix use after free in
       crypto/ec/ec_asn1.c.
     - debian/patches/CVE-2015-0209-2.patch: fix a failure to NULL a pointer
       freed on error in crypto/asn1/x_x509.c, crypto/ec/ec_asn1.c.
     - CVE-2015-0209
   * SECURITY UPDATE: denial of service via cert verification
     - debian/patches/CVE-2015-0286.patch: handle boolean types in
       crypto/asn1/a_type.c.
     - CVE-2015-0286
   * SECURITY UPDATE: ASN.1 structure reuse memory corruption
     - debian/patches/CVE-2015-0287.patch: free up structures in
       crypto/asn1/tasn_dec.c.
     - CVE-2015-0287
   * SECURITY UPDATE: denial of service via invalid certificate key
     - debian/patches/CVE-2015-0288.patch: check public key isn't NULL in
       crypto/x509/x509_req.c.
     - CVE-2015-0288
   * SECURITY UPDATE: denial of service and possible code execution via
     PKCS#7 parsing
     - debian/patches/CVE-2015-0289.patch: handle missing content in
       crypto/pkcs7/pk7_doit.c, crypto/pkcs7/pk7_lib.c.
     - CVE-2015-0289
   * SECURITY UPDATE: denial of service or memory corruption via base64
     decoding
     - debian/patches/CVE-2015-0292.patch: prevent underflow in
       crypto/evp/encode.c.
     - CVE-2015-0292
   * SECURITY UPDATE: denial of service via assert in SSLv2 servers
     - debian/patches/CVE-2015-0293.patch: check key lengths in
       ssl/s2_lib.c, ssl/s2_srvr.c.
     - debian/patches/CVE-2015-0293-2.patch: fix unsigned/signed warnings in
       ssl/s2_srvr.c.
     - CVE-2015-0293
Checksums-Sha1: 
 4611fa62b43ca5eef118fd441cb4a83cd6c141ad 478528 openssl_1.0.1f-1ubuntu2.11_ppc64el.deb
 7a214ec16fe164ab491e8c3721e937be456bac91 764944 libssl1.0.0_1.0.1f-1ubuntu2.11_ppc64el.deb
 30926b25d800cc6b25b7bad360614759a1de8e92 560506 libcrypto1.0.0-udeb_1.0.1f-1ubuntu2.11_ppc64el.udeb
 7d03b3ade6b2fcd6e2e8fd7ffa5eef708e7813d0 117546 libssl1.0.0-udeb_1.0.1f-1ubuntu2.11_ppc64el.udeb
 4e784eabd70f097c4d9404b99f2a73f9e21d7d70 1106332 libssl-dev_1.0.1f-1ubuntu2.11_ppc64el.deb
 769da7b083ebad0c9f91526b70f29dc7c7b92f86 2857614 libssl1.0.0-dbg_1.0.1f-1ubuntu2.11_ppc64el.deb
 80482629d144dc757dc3bf8501e7551316fcb4d6 20443 openssl_1.0.1f-1ubuntu2.11_ppc64el_translations.tar.gz
Checksums-Sha256: 
 57eeea259271e66a104876eada4ba59a6c1b0ba4b758e01e5768412314c8e34c 478528 openssl_1.0.1f-1ubuntu2.11_ppc64el.deb
 9d18f128d066c7f4245025ecbd0db2b899ab53a22017204466316b19f03705d0 764944 libssl1.0.0_1.0.1f-1ubuntu2.11_ppc64el.deb
 a2c86654fda70a13b130def92418e556b20217a3019232181ed0b4d255d9e884 560506 libcrypto1.0.0-udeb_1.0.1f-1ubuntu2.11_ppc64el.udeb
 1023dce090c93875f67a08fabdfd88678f06216287c39aba3e79a0a3399b8791 117546 libssl1.0.0-udeb_1.0.1f-1ubuntu2.11_ppc64el.udeb
 5232510694fb713b6976b3c484bb4c33e2f7c58654d687d9c923e61cd0f1a587 1106332 libssl-dev_1.0.1f-1ubuntu2.11_ppc64el.deb
 22f7efce763286acdb083baee443ae70f73ae5e2b902c6c4eb5aa5573ca35c3d 2857614 libssl1.0.0-dbg_1.0.1f-1ubuntu2.11_ppc64el.deb
 ed038c1dcda7b56b10b8029f49ed0c3e8f9d2d847727c68db83dc62638833d96 20443 openssl_1.0.1f-1ubuntu2.11_ppc64el_translations.tar.gz
Files: 
 0416cfe8f77072457be731b4d5403c89 478528 utils optional openssl_1.0.1f-1ubuntu2.11_ppc64el.deb
 ab23fb15b3577d6e2943a55d9aaa898c 764944 libs important libssl1.0.0_1.0.1f-1ubuntu2.11_ppc64el.deb
 b2626ec00568a0e49ff5222d1cc4b355 560506 debian-installer optional libcrypto1.0.0-udeb_1.0.1f-1ubuntu2.11_ppc64el.udeb
 9003cd29e3d7b73b697a53562bbd66d5 117546 debian-installer optional libssl1.0.0-udeb_1.0.1f-1ubuntu2.11_ppc64el.udeb
 517f4bc6184145f81f28aa6a1f82b0fb 1106332 libdevel optional libssl-dev_1.0.1f-1ubuntu2.11_ppc64el.deb
 d70007b687ae4f431cabc9245e2dedae 2857614 debug extra libssl1.0.0-dbg_1.0.1f-1ubuntu2.11_ppc64el.deb
 3107e2937ddd95cb90fd4294e7875c13 20443 raw-translations - openssl_1.0.1f-1ubuntu2.11_ppc64el_translations.tar.gz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
Package-Type: udeb