Format: 1.8 Date: Mon, 02 Jun 2014 13:57:34 -0400 Source: openssl Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg Architecture: powerpc powerpc_translations Version: 1.0.1f-1ubuntu2.2 Distribution: trusty Urgency: medium Maintainer: Ubuntu/powerpc Build Daemon Changed-By: Marc Deslauriers Description: libcrypto1.0.0-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb) libssl-dev - Secure Sockets Layer toolkit - development files libssl-doc - Secure Sockets Layer toolkit - development documentation libssl1.0.0 - Secure Sockets Layer toolkit - shared libraries libssl1.0.0-dbg - Secure Sockets Layer toolkit - debug information libssl1.0.0-udeb - ssl shared library - udeb (udeb) openssl - Secure Sockets Layer toolkit - cryptographic utility Changes: openssl (1.0.1f-1ubuntu2.2) trusty-security; urgency=medium . * SECURITY UPDATE: arbitrary code execution via DTLS invalid fragment - debian/patches/CVE-2014-0195.patch: add consistency check for DTLS fragments in ssl/d1_both.c. - CVE-2014-0195 * SECURITY UPDATE: denial of service via DTLS recursion flaw - debian/patches/CVE-2014-0221.patch: handle DTLS hello request without recursion in ssl/d1_both.c. - CVE-2014-0221 * SECURITY UPDATE: MITM via change cipher spec - debian/patches/CVE-2014-0224-1.patch: only accept change cipher spec when it is expected in ssl/s3_clnt.c, ssl/s3_pkt.c, ssl/s3_srvr.c, ssl/ssl3.h. - debian/patches/CVE-2014-0224-2.patch: don't accept zero length master secrets in ssl/s3_pkt.c. - debian/patches/CVE-2014-0224-3.patch: allow CCS after resumption in ssl/s3_clnt.c. - CVE-2014-0224 * SECURITY UPDATE: denial of service via ECDH null session cert - debian/patches/CVE-2014-3470.patch: check session_cert is not NULL before dereferencing it in ssl/s3_clnt.c. - CVE-2014-3470 Checksums-Sha1: db24d01b8157035f3b037aa6c7703e2cbbb6adc1 465340 openssl_1.0.1f-1ubuntu2.2_powerpc.deb 18ca756b471f9a7ab58edf7ea610a2134c78a10a 687358 libssl1.0.0_1.0.1f-1ubuntu2.2_powerpc.deb 2d792453fed1ad22cd090f0810928827247f9f2f 504746 libcrypto1.0.0-udeb_1.0.1f-1ubuntu2.2_powerpc.udeb e5bf500f2f7ec0b3aea24da3c8f49b245e5fea82 105136 libssl1.0.0-udeb_1.0.1f-1ubuntu2.2_powerpc.udeb f80e0e51a7f86bda5e5236636f739f23dc75179c 943712 libssl-dev_1.0.1f-1ubuntu2.2_powerpc.deb cde33d931fc44d7a5551e1ee819fbe6f46f68e02 2691448 libssl1.0.0-dbg_1.0.1f-1ubuntu2.2_powerpc.deb 862fcec22137f1cdc85bf969e6ec4823ba049ced 20539 openssl_1.0.1f-1ubuntu2.2_powerpc_translations.tar.gz Checksums-Sha256: fb4578392af7daec5f47d39d21b8205a409f1f38cbe5add63bc1a46c816ae6e5 465340 openssl_1.0.1f-1ubuntu2.2_powerpc.deb 2c028c6c6ad0414ef5b5bc9cda053da8b5716f55bfa600aca3f292d7e2435ca6 687358 libssl1.0.0_1.0.1f-1ubuntu2.2_powerpc.deb 07f516204925ba9f5e46ccb311f425bc7c2f616a5c9217b6f3380c8cf3b87b1a 504746 libcrypto1.0.0-udeb_1.0.1f-1ubuntu2.2_powerpc.udeb c66b7a6a09909519a468142204689e421b2cf9fc7eeae473c27ec4ade92b7085 105136 libssl1.0.0-udeb_1.0.1f-1ubuntu2.2_powerpc.udeb 57b50a03170bcfca69430e9186c381f99ecad98873656f0866a233ea79d9b79a 943712 libssl-dev_1.0.1f-1ubuntu2.2_powerpc.deb 8aa799c629296533186f726313d9e0bd14cf05da6eac24776172d954997c717c 2691448 libssl1.0.0-dbg_1.0.1f-1ubuntu2.2_powerpc.deb cfdc671ce2a188b7ab1bd0eb835f48743b01bf812e9730b0aa9229e640bd3cbf 20539 openssl_1.0.1f-1ubuntu2.2_powerpc_translations.tar.gz Files: b90293bd0c79d583db55b6d948cbe017 465340 utils optional openssl_1.0.1f-1ubuntu2.2_powerpc.deb c1dbd7e779004ebb18ecfa7e180c5748 687358 libs important libssl1.0.0_1.0.1f-1ubuntu2.2_powerpc.deb 6f8970d9b6b2bb9efce53ea94ba8194e 504746 debian-installer optional libcrypto1.0.0-udeb_1.0.1f-1ubuntu2.2_powerpc.udeb 88f797d4b5251408ab7692c8dcd2f159 105136 debian-installer optional libssl1.0.0-udeb_1.0.1f-1ubuntu2.2_powerpc.udeb 03a9c460f07ca0244865f7e63f44ec38 943712 libdevel optional libssl-dev_1.0.1f-1ubuntu2.2_powerpc.deb da85b644926620050b0cc156cc4fd9e0 2691448 debug extra libssl1.0.0-dbg_1.0.1f-1ubuntu2.2_powerpc.deb ce56c42b660e3b19e72c74f68297a6b4 20539 raw-translations - openssl_1.0.1f-1ubuntu2.2_powerpc_translations.tar.gz Original-Maintainer: Debian OpenSSL Team Package-Type: udeb