Format: 1.8 Date: Thu, 28 Apr 2016 10:00:31 -0400 Source: openssl Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg Architecture: i386 i386_translations Version: 1.0.2d-0ubuntu1.5 Distribution: wily Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libcrypto1.0.0-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb) libssl-dev - Secure Sockets Layer toolkit - development files libssl-doc - Secure Sockets Layer toolkit - development documentation libssl1.0.0 - Secure Sockets Layer toolkit - shared libraries libssl1.0.0-dbg - Secure Sockets Layer toolkit - debug information libssl1.0.0-udeb - ssl shared library - udeb (udeb) openssl - Secure Sockets Layer toolkit - cryptographic utility Changes: openssl (1.0.2d-0ubuntu1.5) wily-security; urgency=medium . * SECURITY UPDATE: EVP_EncodeUpdate overflow - debian/patches/CVE-2016-2105.patch: properly check lengths in crypto/evp/encode.c, add documentation to doc/crypto/EVP_EncodeInit.pod, doc/crypto/evp.pod. - CVE-2016-2105 * SECURITY UPDATE: EVP_EncryptUpdate overflow - debian/patches/CVE-2016-2106.patch: fix overflow in crypto/evp/evp_enc.c. - CVE-2016-2106 * SECURITY UPDATE: Padding oracle in AES-NI CBC MAC check - debian/patches/CVE-2016-2107.patch: check that there are enough padding characters in crypto/evp/e_aes_cbc_hmac_sha1.c, crypto/evp/e_aes_cbc_hmac_sha256.c. - CVE-2016-2107 * SECURITY UPDATE: Memory corruption in the ASN.1 encoder - debian/patches/CVE-2016-2108.patch: fix ASN1_INTEGER handling in crypto/asn1/a_type.c, crypto/asn1/asn1.h, crypto/asn1/tasn_dec.c, crypto/asn1/tasn_enc.c. - CVE-2016-2108 * SECURITY UPDATE: ASN.1 BIO excessive memory allocation - debian/patches/CVE-2016-2109.patch: properly handle large amounts of data in crypto/asn1/a_d2i_fp.c. - CVE-2016-2109 * debian/patches/min_1024_dh_size.patch: change minimum DH size from 768 to 1024. Checksums-Sha1: 0c65abd3105d7bc31872b4758940997fbce0e5f0 938 libcrypto1.0.0-udeb-dbgsym_1.0.2d-0ubuntu1.5_i386.ddeb 0b1a986c32d5efa52791d9da7f0674003b6bcc01 662524 libcrypto1.0.0-udeb_1.0.2d-0ubuntu1.5_i386.udeb 7771d0631e22d3437a3faa242ad816c26fae8b8d 926 libssl-dev-dbgsym_1.0.2d-0ubuntu1.5_i386.ddeb 751f4530d711e228bde6dac630f78b7c058cfdc0 1133544 libssl-dev_1.0.2d-0ubuntu1.5_i386.deb 51e1f6c9d745febcb35256b734b256edd742c88e 2176264 libssl1.0.0-dbg_1.0.2d-0ubuntu1.5_i386.deb 17fb5cf3dda58baaaa49fa4bc6cdc0d4f530bca0 902 libssl1.0.0-dbgsym_1.0.2d-0ubuntu1.5_i386.ddeb 1f4ce742e47312893d3ce9b8e30c11a1ff5e6847 820 libssl1.0.0-udeb-dbgsym_1.0.2d-0ubuntu1.5_i386.ddeb 77b1eb4a1c5f2cf7ea739fd7d858f47c3f026ff6 150770 libssl1.0.0-udeb_1.0.2d-0ubuntu1.5_i386.udeb cb362d4972d555fa601583b3b7d12f62444b71a6 906392 libssl1.0.0_1.0.2d-0ubuntu1.5_i386.deb e4a8a86f41fad62f5e1e3cde550621106f6fb1ff 1062 openssl-dbgsym_1.0.2d-0ubuntu1.5_i386.ddeb 262e7a36f5977ef325ea88472f36308d1e13cd69 525658 openssl_1.0.2d-0ubuntu1.5_i386.deb c0441b619e7c73039e21f3d4ad38e781f75e227d 20611 openssl_1.0.2d-0ubuntu1.5_i386_translations.tar.gz Checksums-Sha256: c33768781c438c3c71383f4be74ae43ae755a799b327e8505cc59a2e3bd16f7f 938 libcrypto1.0.0-udeb-dbgsym_1.0.2d-0ubuntu1.5_i386.ddeb 53ca3ec14984fff248286e892b27168ae86bdd07c8207ce9d2b6b781f75348e5 662524 libcrypto1.0.0-udeb_1.0.2d-0ubuntu1.5_i386.udeb 346b6b427c8844de159761bf7cbd3c7f668cd5b5a5347eef089feac07e30ae77 926 libssl-dev-dbgsym_1.0.2d-0ubuntu1.5_i386.ddeb 6ede6542be24afd6a624e1904424543ad1d8fb88840d4636726b0b7cbea5454c 1133544 libssl-dev_1.0.2d-0ubuntu1.5_i386.deb 8e246738635b8d12e61d18110d38efbf2564e5681ae36623ccce20fd66cfe356 2176264 libssl1.0.0-dbg_1.0.2d-0ubuntu1.5_i386.deb 61338e162c53e081ce01870526741797d08f62d176ff21b87cca472d8bb365b5 902 libssl1.0.0-dbgsym_1.0.2d-0ubuntu1.5_i386.ddeb ec899536680e4f9264e4aff46fe64bc81a6927b5760ba4a7817cc99c3e00160a 820 libssl1.0.0-udeb-dbgsym_1.0.2d-0ubuntu1.5_i386.ddeb 153b1d824c9e37f82c8c25b0c17069ceaaaac05c8ebfdd778800e25dfbb49320 150770 libssl1.0.0-udeb_1.0.2d-0ubuntu1.5_i386.udeb cab3b294dc4c77891eae04a2569a3c17e29bc308a98065d13e992e1b05dab21b 906392 libssl1.0.0_1.0.2d-0ubuntu1.5_i386.deb 9a4ad447550e0750668fd0e714eceb79baf9707b62a4a4634ef34d817ddea2a7 1062 openssl-dbgsym_1.0.2d-0ubuntu1.5_i386.ddeb 66ad233500fff02da51f5286f7e01bc492be7403eb98f11166e21f63fc1cb466 525658 openssl_1.0.2d-0ubuntu1.5_i386.deb b7727131639926fdbb4146adfe9ca2a74f4906a2292cc522fb81e5f873f50efd 20611 openssl_1.0.2d-0ubuntu1.5_i386_translations.tar.gz Files: d57488458582d0cb0cb305c5add21f91 938 debian-installer extra libcrypto1.0.0-udeb-dbgsym_1.0.2d-0ubuntu1.5_i386.ddeb e05859cad3e482714f70cbe6ab655b29 662524 debian-installer optional libcrypto1.0.0-udeb_1.0.2d-0ubuntu1.5_i386.udeb e55d3c5bae4d14b04c0134ea2d6bfd03 926 libdevel extra libssl-dev-dbgsym_1.0.2d-0ubuntu1.5_i386.ddeb 2fd327ff3c81eb11e889f39034dad415 1133544 libdevel optional libssl-dev_1.0.2d-0ubuntu1.5_i386.deb 7e2f487fb54dcf84115e8b71838b9579 2176264 debug extra libssl1.0.0-dbg_1.0.2d-0ubuntu1.5_i386.deb fa12b8baeaece8042abe9cfc6f5934c9 902 libs extra libssl1.0.0-dbgsym_1.0.2d-0ubuntu1.5_i386.ddeb c4c41aae5a85a3963fbfd2dc28cc089c 820 debian-installer extra libssl1.0.0-udeb-dbgsym_1.0.2d-0ubuntu1.5_i386.ddeb 14bbb9b7559e38d87035faeeae69bb3e 150770 debian-installer optional libssl1.0.0-udeb_1.0.2d-0ubuntu1.5_i386.udeb 666fe82642e0c6615f8bbbb3b6dee831 906392 libs important libssl1.0.0_1.0.2d-0ubuntu1.5_i386.deb 4f304a7cef308a625779b2c8786adb27 1062 utils extra openssl-dbgsym_1.0.2d-0ubuntu1.5_i386.ddeb 7c927e5f40342c7b2940dbdcdd035d0f 525658 utils optional openssl_1.0.2d-0ubuntu1.5_i386.deb 012fa697bf897a7c191e18a0f0d5c706 20611 raw-translations - openssl_1.0.2d-0ubuntu1.5_i386_translations.tar.gz Original-Maintainer: Debian OpenSSL Team Package-Type: udeb