Format: 1.8 Date: Mon, 29 Feb 2016 07:56:15 -0500 Source: openssl Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg Architecture: arm64 arm64_translations Version: 1.0.1f-1ubuntu2.18 Distribution: trusty Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libcrypto1.0.0-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb) libssl-dev - Secure Sockets Layer toolkit - development files libssl-doc - Secure Sockets Layer toolkit - development documentation libssl1.0.0 - Secure Sockets Layer toolkit - shared libraries libssl1.0.0-dbg - Secure Sockets Layer toolkit - debug information libssl1.0.0-udeb - ssl shared library - udeb (udeb) openssl - Secure Sockets Layer toolkit - cryptographic utility Launchpad-Bugs-Fixed: 1550643 Changes: openssl (1.0.1f-1ubuntu2.18) trusty-security; urgency=medium . * SECURITY UPDATE: side channel attack on modular exponentiation - debian/patches/CVE-2016-0702.patch: use constant-time calculations in crypto/bn/asm/x86_64-mont5.pl, crypto/bn/bn_exp.c, crypto/perlasm/x86_64-xlate.pl, crypto/constant_time_locl.h. - CVE-2016-0702 * SECURITY UPDATE: double-free in DSA code - debian/patches/CVE-2016-0705.patch: fix double-free in crypto/dsa/dsa_ameth.c. - CVE-2016-0705 * SECURITY UPDATE: BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption - debian/patches/CVE-2016-0797.patch: prevent overflow in crypto/bn/bn_print.c, crypto/bn/bn.h. - CVE-2016-0797 * SECURITY UPDATE: memory leak in SRP database lookups - debian/patches/CVE-2016-0798.patch: disable SRP fake user seed and introduce new SRP_VBASE_get1_by_user function that handled seed properly in apps/s_server.c, crypto/srp/srp.h, crypto/srp/srp_vfy.c, util/libeay.num, openssl.ld. - CVE-2016-0798 * SECURITY UPDATE: memory issues in BIO_*printf functions - debian/patches/CVE-2016-0799.patch: prevent overflow in crypto/bio/b_print.c. - CVE-2016-0799 * debian/patches/preserve_digests_for_sni.patch: preserve negotiated digests for SNI when SSL_set_SSL_CTX is called in ssl/ssl_lib.c. (LP: #1550643) Checksums-Sha1: acabb8022b3f12a199845a697e7eff27470e8177 476312 openssl_1.0.1f-1ubuntu2.18_arm64.deb 47d98a65bd6568e78f9e4bd10bf326c5da21ffbc 656676 libssl1.0.0_1.0.1f-1ubuntu2.18_arm64.deb 37935cce79c4b04b90298b8f903e758f4cba1c06 478762 libcrypto1.0.0-udeb_1.0.1f-1ubuntu2.18_arm64.udeb fd2f3c67da8c3fd33963c5b195faac79c2daab6e 100322 libssl1.0.0-udeb_1.0.1f-1ubuntu2.18_arm64.udeb 56296453ae1b452a5bd809d4baba421a2ec1a146 949938 libssl-dev_1.0.1f-1ubuntu2.18_arm64.deb 62dcf0980493696e781acadf895b0ca35a3c5752 2682604 libssl1.0.0-dbg_1.0.1f-1ubuntu2.18_arm64.deb 3726596c1e613d06d0b7e1811709ee6197ceca4e 1058 openssl-dbgsym_1.0.1f-1ubuntu2.18_arm64.ddeb 133b394595650ca05b0732aac9b701d7f0f684c1 900 libssl1.0.0-dbgsym_1.0.1f-1ubuntu2.18_arm64.ddeb c877eab1a2443000ff18a79581aab1cfe4be9a4f 938 libcrypto1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.18_arm64.ddeb ad1583dc30b79f7d26ee1be378d6232cb3a7b8ec 818 libssl1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.18_arm64.ddeb 858513692622204c873e77bb08bbfde5f1f7aa01 924 libssl-dev-dbgsym_1.0.1f-1ubuntu2.18_arm64.ddeb e00441575d32087f093e1ebcd5bf61fd88e98863 20481 openssl_1.0.1f-1ubuntu2.18_arm64_translations.tar.gz Checksums-Sha256: d1539c3444d11c81db91dc3390ef080a60ab9bfcc0989f876a73f166b22e80b4 476312 openssl_1.0.1f-1ubuntu2.18_arm64.deb 7901c02783b2a733967bf4b031513189a5c024b1758c891810d1b54d38d7ca17 656676 libssl1.0.0_1.0.1f-1ubuntu2.18_arm64.deb 941e9d5896e7b1558b3482e1e8608fa940cea422a0087bb619b2cf4ac95bf888 478762 libcrypto1.0.0-udeb_1.0.1f-1ubuntu2.18_arm64.udeb a3b43040bbaf198008de2dc56d5a2b12d0e8464fa2560938ae095928c3637c78 100322 libssl1.0.0-udeb_1.0.1f-1ubuntu2.18_arm64.udeb da16355d78230109fdee60039fb3de7effd86ced94b90b8ce3af78a950d3428c 949938 libssl-dev_1.0.1f-1ubuntu2.18_arm64.deb c10c1b9e955970e30bcfd3f324972df72db99ccd369be0dead5e4731e25ef21b 2682604 libssl1.0.0-dbg_1.0.1f-1ubuntu2.18_arm64.deb 80cadec4e52c0b8ccf218c2d7ccbf68f6fd1b4273a1de1bd1553639a955f7e43 1058 openssl-dbgsym_1.0.1f-1ubuntu2.18_arm64.ddeb d0e65bbd4e4450bc4f0a81ee74ea7146c498ab753c33182b35145922e1a9473a 900 libssl1.0.0-dbgsym_1.0.1f-1ubuntu2.18_arm64.ddeb 89439fce359627b5e3de7d48059643e81d9236b545c9ebdce3cde8703d45cf5a 938 libcrypto1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.18_arm64.ddeb 54f46ca645a7f07062eeda3c7a0d13cf9b87d24459beb8ed56245decbdc2a1c8 818 libssl1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.18_arm64.ddeb 920397db109c1c7525db96b5a93a6b146bcd9bc8a783fd1722f98c5d4b8ca7f8 924 libssl-dev-dbgsym_1.0.1f-1ubuntu2.18_arm64.ddeb 076035a710cc545082968f271310a3e9023da6ac6f19862eabda5581203ca3ea 20481 openssl_1.0.1f-1ubuntu2.18_arm64_translations.tar.gz Files: c614b4413a14fa1ef87e7ea6f9cd5167 476312 utils optional openssl_1.0.1f-1ubuntu2.18_arm64.deb 2a02c4f53beba3a2a2feb42db1de1d17 656676 libs important libssl1.0.0_1.0.1f-1ubuntu2.18_arm64.deb 30174888ada91f79e1c187f87007527c 478762 debian-installer optional libcrypto1.0.0-udeb_1.0.1f-1ubuntu2.18_arm64.udeb db3179003380eeb53781d6d4ac041da4 100322 debian-installer optional libssl1.0.0-udeb_1.0.1f-1ubuntu2.18_arm64.udeb ceaa35b65dd61ee08fb4a3d5f0700c70 949938 libdevel optional libssl-dev_1.0.1f-1ubuntu2.18_arm64.deb 1d6d381d52ce7e71b99b6e2e24e3ae7b 2682604 debug extra libssl1.0.0-dbg_1.0.1f-1ubuntu2.18_arm64.deb f37fe3c28f7e409132a92c225d405b99 1058 utils extra openssl-dbgsym_1.0.1f-1ubuntu2.18_arm64.ddeb 4689ad6060982e9c33b7787d13892d25 900 libs extra libssl1.0.0-dbgsym_1.0.1f-1ubuntu2.18_arm64.ddeb 38c429adbcf4ed8bc9f012687cb16dea 938 debian-installer extra libcrypto1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.18_arm64.ddeb 36d0dbfe75a7f25083ba7b2929ec6eaa 818 debian-installer extra libssl1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.18_arm64.ddeb d87bf00bdfeb3dcfb13dbfdd5c8878cc 924 libdevel extra libssl-dev-dbgsym_1.0.1f-1ubuntu2.18_arm64.ddeb db4994015a9422e454f958a2e1c6f245 20481 raw-translations - openssl_1.0.1f-1ubuntu2.18_arm64_translations.tar.gz Original-Maintainer: Debian OpenSSL Team Package-Type: udeb