Format: 1.8
Date: Thu, 11 Jun 2015 07:34:23 -0400
Source: openssl
Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg
Architecture: amd64 amd64_translations
Version: 1.0.1f-1ubuntu2.15
Distribution: trusty
Urgency: medium
Maintainer: Launchpad Build Daemon
Changed-By: Marc Deslauriers
Description:
 libcrypto1.0.0-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl-doc - Secure Sockets Layer toolkit - development documentation
 libssl1.0.0 - Secure Sockets Layer toolkit - shared libraries
 libssl1.0.0-dbg - Secure Sockets Layer toolkit - debug information
 libssl1.0.0-udeb - ssl shared library - udeb (udeb)
 openssl - Secure Sockets Layer toolkit - cryptographic utility
Changes:
 openssl (1.0.1f-1ubuntu2.15) trusty-security; urgency=medium
 .
   * SECURITY IMPROVEMENT: reject dh keys smaller than 768 bits
     - debian/patches/reject_small_dh.patch: reject small dh keys in
       ssl/s3_clnt.c, ssl/ssl.h, ssl/ssl_err.c, update documentation in
       doc/ssl/SSL_CTX_set_tmp_dh_callback.pod, make s_server use 2048-bit
       dh in apps/s_server.c, clarify docs in doc/apps/dhparam.pod.
   * SECURITY UPDATE: denial of service and possible code execution via
     invalid free in DTLS
     - debian/patches/CVE-2014-8176.patch: fix invalid free in
       ssl/d1_lib.c.
     - CVE-2014-8176
   * SECURITY UPDATE: denial of service via malformed ECParameters
     - debian/patches/CVE-2015-1788.patch: improve logic in
       crypto/bn/bn_gf2m.c.
     - CVE-2015-1788
   * SECURITY UPDATE: denial of service via out-of-bounds read in
     X509_cmp_time
     - debian/patches/CVE-2015-1789.patch: properly parse time format in
       crypto/x509/x509_vfy.c.
     - CVE-2015-1789
   * SECURITY UPDATE: denial of service via missing EnvelopedContent
     - debian/patches/CVE-2015-1790.patch: handle NULL data_body in
       crypto/pkcs7/pk7_doit.c.
     - CVE-2015-1790
   * SECURITY UPDATE: race condition in NewSessionTicket
     - debian/patches/CVE-2015-1791.patch: create a new session in
       ssl/s3_clnt.c, ssl/ssl.h, ssl/ssl_err.c, ssl/ssl_locl.h,
       ssl/ssl_sess.c.
     - debian/patches/CVE-2015-1791-2.patch: fix kerberos issue in
       ssl/ssl_sess.c.
     - debian/patches/CVE-2015-1791-3.patch: more ssl_session_dup fixes in
       ssl/ssl_sess.c.
     - CVE-2015-1791
   * SECURITY UPDATE: CMS verify infinite loop with unknown hash function
     - debian/patches/CVE-2015-1792.patch: fix infinite loop in
       crypto/cms/cms_smime.c.
     - CVE-2015-1792
Original-Maintainer: Debian OpenSSL Team
Package-Type: udeb