Format: 1.8 Date: Mon, 29 Feb 2016 07:43:21 -0500 Source: openssl Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg Architecture: amd64 all amd64_translations Version: 1.0.2d-0ubuntu1.4 Distribution: wily Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libcrypto1.0.0-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb) libssl-dev - Secure Sockets Layer toolkit - development files libssl-doc - Secure Sockets Layer toolkit - development documentation libssl1.0.0 - Secure Sockets Layer toolkit - shared libraries libssl1.0.0-dbg - Secure Sockets Layer toolkit - debug information libssl1.0.0-udeb - ssl shared library - udeb (udeb) openssl - Secure Sockets Layer toolkit - cryptographic utility Changes: openssl (1.0.2d-0ubuntu1.4) wily-security; urgency=medium . * SECURITY UPDATE: side channel attack on modular exponentiation - debian/patches/CVE-2016-0702.patch: use constant-time calculations in crypto/bn/asm/rsaz-avx2.pl, crypto/bn/asm/rsaz-x86_64.pl, crypto/bn/asm/x86_64-mont.pl, crypto/bn/asm/x86_64-mont5.pl, crypto/bn/bn_exp.c. - CVE-2016-0702 * SECURITY UPDATE: double-free in DSA code - debian/patches/CVE-2016-0705.patch: fix double-free in crypto/dsa/dsa_ameth.c. - CVE-2016-0705 * SECURITY UPDATE: BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption - debian/patches/CVE-2016-0797.patch: prevent overflow in crypto/bn/bn_print.c, crypto/bn/bn.h. - CVE-2016-0797 * SECURITY UPDATE: memory leak in SRP database lookups - debian/patches/CVE-2016-0798.patch: disable SRP fake user seed and introduce new SRP_VBASE_get1_by_user function that handled seed properly in apps/s_server.c, crypto/srp/srp.h, crypto/srp/srp_vfy.c, util/libeay.num, openssl.ld. - CVE-2016-0798 * SECURITY UPDATE: memory issues in BIO_*printf functions - debian/patches/CVE-2016-0799.patch: prevent overflow in crypto/bio/b_print.c. - CVE-2016-0799 Checksums-Sha1: fac28d478df4fe1b4f83bc41727ceeefa2970710 938 libcrypto1.0.0-udeb-dbgsym_1.0.2d-0ubuntu1.4_amd64.ddeb 35b49f0333ad20559708def4b4cbf23943a937b8 852362 libcrypto1.0.0-udeb_1.0.2d-0ubuntu1.4_amd64.udeb 1d4069563b39c8db15883dfdb9f282b10b54747a 924 libssl-dev-dbgsym_1.0.2d-0ubuntu1.4_amd64.ddeb d2f72f29cdccff8c9180bb64d33ec994731a8f7a 1340872 libssl-dev_1.0.2d-0ubuntu1.4_amd64.deb e749521bf61bbc2489443db2087b61951e348568 1066166 libssl-doc_1.0.2d-0ubuntu1.4_all.deb 70bafe9de40420a9c08d2f183ccf9fb6a0f2d2db 2755970 libssl1.0.0-dbg_1.0.2d-0ubuntu1.4_amd64.deb 2d1006aed8974a0fff54be15f9677705b575b29a 900 libssl1.0.0-dbgsym_1.0.2d-0ubuntu1.4_amd64.ddeb 79900a6f6762df2095bb31d48957ebfea1d12f85 820 libssl1.0.0-udeb-dbgsym_1.0.2d-0ubuntu1.4_amd64.ddeb 94792ac8be9690457c0d1735fcd8d73ab775ff59 139490 libssl1.0.0-udeb_1.0.2d-0ubuntu1.4_amd64.udeb 40bd27b3b60a00a87b1fc7d33973b7e1409e712f 1081838 libssl1.0.0_1.0.2d-0ubuntu1.4_amd64.deb f5022b2ab788bd833f710bd0e0e875353e2c1489 1062 openssl-dbgsym_1.0.2d-0ubuntu1.4_amd64.ddeb e22b3e34aee3010729cf8084423d39b428424c79 510802 openssl_1.0.2d-0ubuntu1.4_amd64.deb ee76da1d9bfc1e8a914378964c7dc78476601d3b 20498 openssl_1.0.2d-0ubuntu1.4_amd64_translations.tar.gz Checksums-Sha256: 277b95cd4edea206643776318bfade1f26f9c89eb57b687a7cfd6a1a5eb9ecb3 938 libcrypto1.0.0-udeb-dbgsym_1.0.2d-0ubuntu1.4_amd64.ddeb 391fb6eb82b4f2a40cefd6714c7d29fd9b448a397e789ebdc07ca54eb8adf787 852362 libcrypto1.0.0-udeb_1.0.2d-0ubuntu1.4_amd64.udeb 97c187e0f6cff385e34b8de3714afa2562cd019ed0aef38d0594b511099fb754 924 libssl-dev-dbgsym_1.0.2d-0ubuntu1.4_amd64.ddeb cd9f49407bce5692955dc14abc88dcaf6998a8287e934b8b7ddebbfa023bb00a 1340872 libssl-dev_1.0.2d-0ubuntu1.4_amd64.deb a5f9ec0076563b9564a9702128bd165d5849210d24eb94d15f0e6debc03036b7 1066166 libssl-doc_1.0.2d-0ubuntu1.4_all.deb db45f83a981d49193fa63b5c3fdeac3972581a60c1deaa5eaffc28568e64c2c4 2755970 libssl1.0.0-dbg_1.0.2d-0ubuntu1.4_amd64.deb d538860db7273a96935a212b80a3edbdd0c590df0e4a4c558740387991e6a713 900 libssl1.0.0-dbgsym_1.0.2d-0ubuntu1.4_amd64.ddeb bc1798f402875b246a207a5c94894800f300975b9989cfb775a479f9e989605a 820 libssl1.0.0-udeb-dbgsym_1.0.2d-0ubuntu1.4_amd64.ddeb 236547b3d0971b31e0a56c190403ef41512e0d03876b297621d2db3133de153d 139490 libssl1.0.0-udeb_1.0.2d-0ubuntu1.4_amd64.udeb 1e789e305389c35b3178a4d848ceefb56f15aa2f95fdd7f5b246c52931d195b0 1081838 libssl1.0.0_1.0.2d-0ubuntu1.4_amd64.deb b72f887f3b6f31f3b7f8f60c78b34088b7d18688b640fb6345b3c335a782aa44 1062 openssl-dbgsym_1.0.2d-0ubuntu1.4_amd64.ddeb 07cdf7ecc7699baad9bdc32b3bb30c509eeef0abc61ad5a3662578c4634abbe9 510802 openssl_1.0.2d-0ubuntu1.4_amd64.deb 9923e8d5902822b270260d54ca9cb1e48794778684d048069c3ed89d209a46cc 20498 openssl_1.0.2d-0ubuntu1.4_amd64_translations.tar.gz Files: b51fd7886ed3ac63c80d88b95aacaf35 938 debian-installer extra libcrypto1.0.0-udeb-dbgsym_1.0.2d-0ubuntu1.4_amd64.ddeb 45dbfdd915bb6198c63b741cfdc3a574 852362 debian-installer optional libcrypto1.0.0-udeb_1.0.2d-0ubuntu1.4_amd64.udeb ce5ea49434809d340637701cf04a2d10 924 libdevel extra libssl-dev-dbgsym_1.0.2d-0ubuntu1.4_amd64.ddeb 410d8385028118fd2ad2807b401e6e3d 1340872 libdevel optional libssl-dev_1.0.2d-0ubuntu1.4_amd64.deb eb9adfdf1d747593816ded73a87827a2 1066166 doc optional libssl-doc_1.0.2d-0ubuntu1.4_all.deb 7954f4c4028ea24e08ca359f42483a92 2755970 debug extra libssl1.0.0-dbg_1.0.2d-0ubuntu1.4_amd64.deb 174781a1e70b103b5c4d9410c1c60efc 900 libs extra libssl1.0.0-dbgsym_1.0.2d-0ubuntu1.4_amd64.ddeb 16113b6643317cf1f221de8ded4beb8a 820 debian-installer extra libssl1.0.0-udeb-dbgsym_1.0.2d-0ubuntu1.4_amd64.ddeb 0cf43577304fa39da2200103d836104e 139490 debian-installer optional libssl1.0.0-udeb_1.0.2d-0ubuntu1.4_amd64.udeb 9c5759a33f46b03d63fc7eb76e57585e 1081838 libs important libssl1.0.0_1.0.2d-0ubuntu1.4_amd64.deb 986a5f5a1d71966c7cb5304ac273c331 1062 utils extra openssl-dbgsym_1.0.2d-0ubuntu1.4_amd64.ddeb a3dc4d18fa7847649f71cd1faa4fcb12 510802 utils optional openssl_1.0.2d-0ubuntu1.4_amd64.deb 7504b0647759d56a9ab560eb983a6378 20498 raw-translations - openssl_1.0.2d-0ubuntu1.4_amd64_translations.tar.gz Original-Maintainer: Debian OpenSSL Team Package-Type: udeb