Format: 1.8 Date: Mon, 29 Feb 2016 07:56:15 -0500 Source: openssl Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg Architecture: all i386_translations i386 Version: 1.0.1f-1ubuntu2.18 Distribution: trusty Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libcrypto1.0.0-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb) libssl-dev - Secure Sockets Layer toolkit - development files libssl-doc - Secure Sockets Layer toolkit - development documentation libssl1.0.0 - Secure Sockets Layer toolkit - shared libraries libssl1.0.0-dbg - Secure Sockets Layer toolkit - debug information libssl1.0.0-udeb - ssl shared library - udeb (udeb) openssl - Secure Sockets Layer toolkit - cryptographic utility Launchpad-Bugs-Fixed: 1550643 Changes: openssl (1.0.1f-1ubuntu2.18) trusty-security; urgency=medium . * SECURITY UPDATE: side channel attack on modular exponentiation - debian/patches/CVE-2016-0702.patch: use constant-time calculations in crypto/bn/asm/x86_64-mont5.pl, crypto/bn/bn_exp.c, crypto/perlasm/x86_64-xlate.pl, crypto/constant_time_locl.h. - CVE-2016-0702 * SECURITY UPDATE: double-free in DSA code - debian/patches/CVE-2016-0705.patch: fix double-free in crypto/dsa/dsa_ameth.c. - CVE-2016-0705 * SECURITY UPDATE: BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption - debian/patches/CVE-2016-0797.patch: prevent overflow in crypto/bn/bn_print.c, crypto/bn/bn.h. - CVE-2016-0797 * SECURITY UPDATE: memory leak in SRP database lookups - debian/patches/CVE-2016-0798.patch: disable SRP fake user seed and introduce new SRP_VBASE_get1_by_user function that handled seed properly in apps/s_server.c, crypto/srp/srp.h, crypto/srp/srp_vfy.c, util/libeay.num, openssl.ld. - CVE-2016-0798 * SECURITY UPDATE: memory issues in BIO_*printf functions - debian/patches/CVE-2016-0799.patch: prevent overflow in crypto/bio/b_print.c. - CVE-2016-0799 * debian/patches/preserve_digests_for_sni.patch: preserve negotiated digests for SNI when SSL_set_SSL_CTX is called in ssl/ssl_lib.c. (LP: #1550643) Checksums-Sha1: 8777105cdf61389ecd8d229f037b835e29f3133b 965592 libssl-doc_1.0.1f-1ubuntu2.18_all.deb 1cab6f694b0a51401a8196d0cd42d45ab6a7f9ab 20495 openssl_1.0.1f-1ubuntu2.18_i386_translations.tar.gz 8682b6b708543c7e4adad1cc8c80529ac3ca992d 480226 openssl_1.0.1f-1ubuntu2.18_i386.deb af141cc174a99a0e23a6381772631b6e0cb4fc36 783104 libssl1.0.0_1.0.1f-1ubuntu2.18_i386.deb 53a68d75cedf110ca5163ea8c8ef1f2b370a3930 570724 libcrypto1.0.0-udeb_1.0.1f-1ubuntu2.18_i386.udeb f71055121a57b1ca90d62ce21503b33992d1a30d 122498 libssl1.0.0-udeb_1.0.1f-1ubuntu2.18_i386.udeb bd2ae016463041d40b2f623a90faf2b5139de5d2 991074 libssl-dev_1.0.1f-1ubuntu2.18_i386.deb d9a4ab28fcdfca726647ede918aa98191e399541 2349740 libssl1.0.0-dbg_1.0.1f-1ubuntu2.18_i386.deb f2f1bc5373319afad6e21262e0decb575879537f 1058 openssl-dbgsym_1.0.1f-1ubuntu2.18_i386.ddeb 7ed357ea6ad6db84817030e9a19e7447b067cd3f 898 libssl1.0.0-dbgsym_1.0.1f-1ubuntu2.18_i386.ddeb 439ac11bf2c18a40154b2c5b82784c177ac733c1 930 libcrypto1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.18_i386.ddeb ecc74f22c83f9915fbcc79a809e78a446ed8d676 818 libssl1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.18_i386.ddeb 21cced3dcb6f94a31844f0779c1ee26051cea979 920 libssl-dev-dbgsym_1.0.1f-1ubuntu2.18_i386.ddeb Checksums-Sha256: 617129662d79bb37b82c94f443c12dfe03445be1088059bb009918e3464877a7 965592 libssl-doc_1.0.1f-1ubuntu2.18_all.deb 2121ee5acdbe0c1ca4275ebca804f0ff708f7ab38a856cf15d8f6bc01029c140 20495 openssl_1.0.1f-1ubuntu2.18_i386_translations.tar.gz 443ed65c883102b06b032837b8203d39d77b120250de5a25a50fff43d3a305e1 480226 openssl_1.0.1f-1ubuntu2.18_i386.deb 98d1a83226c1a92845365a5d1dbbd37a4cb4fc31d4b8e44b5c3b0fbc64dc5214 783104 libssl1.0.0_1.0.1f-1ubuntu2.18_i386.deb 9ca60b96d227ca0317f93e738117f347b95d83f1e672ebb0b83b3fa9b09693e0 570724 libcrypto1.0.0-udeb_1.0.1f-1ubuntu2.18_i386.udeb 0b38db7111357984262bb563621d33405331831e92779b84284dfaab438adf84 122498 libssl1.0.0-udeb_1.0.1f-1ubuntu2.18_i386.udeb 17ca323cc9ed836393ebf397c80fa32b836c429ce3d117f7033e6b598bc645ac 991074 libssl-dev_1.0.1f-1ubuntu2.18_i386.deb 47583ea2f7090d33bfe74b42c5308492f65c3086ef49ba5f9e8eb8525d3e9ccc 2349740 libssl1.0.0-dbg_1.0.1f-1ubuntu2.18_i386.deb 1b38cc718709c74cfb519a02449eeda4875dcf6424bb1cf2b63c41f14cf03837 1058 openssl-dbgsym_1.0.1f-1ubuntu2.18_i386.ddeb 21140f1c919f3a4ca55587e9bbccde0de556ff25f06c8e71ede042f1d577ea21 898 libssl1.0.0-dbgsym_1.0.1f-1ubuntu2.18_i386.ddeb e9b4678ad3c2348939d3c8e2fe3e6ab3e5a1571fc01879711e6aab19250d797b 930 libcrypto1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.18_i386.ddeb a6ec7b4637d5b4b63b7fd6b60920d93801bbdeb8998aff6613f322e51be92bdc 818 libssl1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.18_i386.ddeb c68658ae81faadc2c5a14f977cf0ec089bcd514858edb72892fc685f6878f6aa 920 libssl-dev-dbgsym_1.0.1f-1ubuntu2.18_i386.ddeb Files: ea4e7e4d2217f7273577a54ef40a5d84 965592 doc optional libssl-doc_1.0.1f-1ubuntu2.18_all.deb 6539f74e2df6d1dcc921ae2cf6e5d755 20495 raw-translations - openssl_1.0.1f-1ubuntu2.18_i386_translations.tar.gz 5afc9c8ffcd2d3612dce816326dc3b0c 480226 utils optional openssl_1.0.1f-1ubuntu2.18_i386.deb 7cae10df515aea9b4dbb9341dc6429d6 783104 libs important libssl1.0.0_1.0.1f-1ubuntu2.18_i386.deb ea8e73c66bbf323ee3d2f74360ad9caa 570724 debian-installer optional libcrypto1.0.0-udeb_1.0.1f-1ubuntu2.18_i386.udeb b9e5ef09b54f1a41cd7eec3b82bd77ad 122498 debian-installer optional libssl1.0.0-udeb_1.0.1f-1ubuntu2.18_i386.udeb 7993c13b594f50f6b78623e214258d8f 991074 libdevel optional libssl-dev_1.0.1f-1ubuntu2.18_i386.deb 23c0dc8861a71153924ba674069cf0bc 2349740 debug extra libssl1.0.0-dbg_1.0.1f-1ubuntu2.18_i386.deb bc7fd9e9d770d52d280c6baa9fe874a2 1058 utils extra openssl-dbgsym_1.0.1f-1ubuntu2.18_i386.ddeb 04625d18229f86b478c4277bd5c0cd60 898 libs extra libssl1.0.0-dbgsym_1.0.1f-1ubuntu2.18_i386.ddeb 35c6302b208493e519c35b9434b6ca41 930 debian-installer extra libcrypto1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.18_i386.ddeb 9c6bd132ef7d68d2c93eb8f8d9f9719e 818 debian-installer extra libssl1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.18_i386.ddeb 0ce1945b6c20c4c9ccac153a34fce97e 920 libdevel extra libssl-dev-dbgsym_1.0.1f-1ubuntu2.18_i386.ddeb Original-Maintainer: Debian OpenSSL Team Package-Type: udeb