Format: 1.7 Date: Thu, 19 Jun 2008 14:35:20 -0400 Source: openssl Binary: libcrypto0.9.8-udeb libssl-dev libssl0.9.8 libssl0.9.8-dbg openssl openssl-doc Architecture: amd64_translations amd64 hppa_translations hppa i386_translations i386 all ia64_translations ia64 lpia_translations lpia powerpc_translations powerpc source sparc_translations sparc Version: 0.9.8g-4ubuntu3.3 Distribution: hardy-security Urgency: low Maintainer: Ubuntu Core Developers Changed-By: Jamie Strandboge Description: libcrypto0.9.8-udeb - crypto shared library - udeb (udeb) libssl-dev - SSL development libraries, header files and documentation libssl0.9.8 - SSL shared libraries libssl0.9.8-dbg - Symbol tables for libssl and libcrypto openssl - Secure Socket Layer (SSL) binary and related cryptographic tools openssl-doc - Secure Socket Layer (SSL) documentation libcrypto0.9.8-udeb - crypto shared library - udeb Changes: openssl (0.9.8g-4ubuntu3.3) hardy-security; urgency=low . * SECURITY UPDATE: fix denial of service when 'Server Key exchange message' is omitted from a TLS handshake * ssl/s3_clnt.c: make sure s->session->sess_cert is not NULL * SECURITY UPDATE: fix denial of service when using tlsext. Note that this version of openssl does not use tlsext by default. * ssl/t1_lib.c: make sure s->session->tlsext_hostname is set to NULL to prevent double free. * References CVE-2008-1672 CVE-2008-0891 LP: #235913 Files: affe896c44ee34054e1f5e7818e4453b 17401 raw-translations - openssl_0.9.8g-4ubuntu3.3_amd64_translations.tar.gz 1c33397eeeaf9c43dbadbc952effca25 390580 utils optional openssl_0.9.8g-4ubuntu3.3_amd64.deb 43218bfe72915fb66bdf8c081f847fcb 931362 libs important libssl0.9.8_0.9.8g-4ubuntu3.3_amd64.deb 84269c06376fba49d325c730777068c6 603880 debian-installer optional libcrypto0.9.8-udeb_0.9.8g-4ubuntu3.3_amd64.udeb 33f436e01452fc2731b30700d3e0cb25 2064718 libdevel optional libssl-dev_0.9.8g-4ubuntu3.3_amd64.deb c07455422c05690cab6b54026279f9e3 1604058 libdevel extra libssl0.9.8-dbg_0.9.8g-4ubuntu3.3_amd64.deb a855b0b12ff1547f4849155826784fe7 17408 raw-translations - openssl_0.9.8g-4ubuntu3.3_hppa_translations.tar.gz 97d65cc3a225f32144b576e563251e65 403314 utils optional openssl_0.9.8g-4ubuntu3.3_hppa.deb 8feb6c1b1fa6006fb5dad155f4f0c768 954532 libs important libssl0.9.8_0.9.8g-4ubuntu3.3_hppa.deb 3b3573fc18844451896ee2aa3489bfbb 628108 debian-installer optional libcrypto0.9.8-udeb_0.9.8g-4ubuntu3.3_hppa.udeb 526c62fc8660c10357a87b6aaf5e5596 2118730 libdevel optional libssl-dev_0.9.8g-4ubuntu3.3_hppa.deb a328e2b99e9ee358ead1507f919d79e3 1519830 libdevel extra libssl0.9.8-dbg_0.9.8g-4ubuntu3.3_hppa.deb 976b26fe505baeb8d77ec67edf1eea13 17397 raw-translations - openssl_0.9.8g-4ubuntu3.3_i386_translations.tar.gz a91bd87423e0063ab2bb18ecf44ae995 385396 utils optional openssl_0.9.8g-4ubuntu3.3_i386.deb 36c2d25fdf6427526076a8d6b5da2e96 628742 doc optional openssl-doc_0.9.8g-4ubuntu3.3_all.deb bdfaf989e6b72ba194845ac03d5c27b4 2828380 libs important libssl0.9.8_0.9.8g-4ubuntu3.3_i386.deb 2afdf22196bfa295f2847798c28ebc56 564676 debian-installer optional libcrypto0.9.8-udeb_0.9.8g-4ubuntu3.3_i386.udeb 9e1601920ffb4579750c62e3bafcc788 1941746 libdevel optional libssl-dev_0.9.8g-4ubuntu3.3_i386.deb b92bf74a2f51c864239b7266dc902fd6 5341160 libdevel extra libssl0.9.8-dbg_0.9.8g-4ubuntu3.3_i386.deb d58c168581f81579d4050a23d6e210b2 17400 raw-translations - openssl_0.9.8g-4ubuntu3.3_ia64_translations.tar.gz 823107754ff2fe40d2f5169731e9e1a8 468206 utils optional openssl_0.9.8g-4ubuntu3.3_ia64.deb 165b91151fa3029dc2a49d2848dbe358 1232196 libs important libssl0.9.8_0.9.8g-4ubuntu3.3_ia64.deb 3aed459399983244786994627cc2b7db 827280 debian-installer optional libcrypto0.9.8-udeb_0.9.8g-4ubuntu3.3_ia64.udeb 2d1b56d28ff2c33bdf0da305634c1d83 2483170 libdevel optional libssl-dev_0.9.8g-4ubuntu3.3_ia64.deb c2a2dadbff14fbb2271be7c87fb3c72d 1509038 libdevel extra libssl0.9.8-dbg_0.9.8g-4ubuntu3.3_ia64.deb af8f09bfd9fd54912c5d0418e36faf67 17400 raw-translations - openssl_0.9.8g-4ubuntu3.3_lpia_translations.tar.gz 7a31e11f913264848caf9970c8b55859 390020 utils optional openssl_0.9.8g-4ubuntu3.3_lpia.deb 7924b29683950fdde4467c65e0e1d337 842914 libs important libssl0.9.8_0.9.8g-4ubuntu3.3_lpia.deb 5841b6cc1e0fae3393afabc957037822 535446 debian-installer optional libcrypto0.9.8-udeb_0.9.8g-4ubuntu3.3_lpia.udeb 32dcdad159f05decabf11549ff204f37 1922442 libdevel optional libssl-dev_0.9.8g-4ubuntu3.3_lpia.deb 4fb1d4039493d3f2d08dcfb27de4dc31 1512426 libdevel extra libssl0.9.8-dbg_0.9.8g-4ubuntu3.3_lpia.deb c4f40e716d2a349ad1fba06610f69546 17404 raw-translations - openssl_0.9.8g-4ubuntu3.3_powerpc_translations.tar.gz b4a0cd49967333a6e617f7ddf6be1427 399184 utils optional openssl_0.9.8g-4ubuntu3.3_powerpc.deb 1c4cae202d0012cd143bd81239b36c71 944698 libs important libssl0.9.8_0.9.8g-4ubuntu3.3_powerpc.deb 7d857eca164bdfff475280cf334fd968 610278 debian-installer optional libcrypto0.9.8-udeb_0.9.8g-4ubuntu3.3_powerpc.udeb 49b892b43342c57136963936314cd850 2077858 libdevel optional libssl-dev_0.9.8g-4ubuntu3.3_powerpc.deb 34a79f78df92067f4be10eacbb72463d 1639382 libdevel extra libssl0.9.8-dbg_0.9.8g-4ubuntu3.3_powerpc.deb ac4c66a0442648d7b1a1afd326609c54 912 utils optional openssl_0.9.8g-4ubuntu3.3.dsc b1cea7b7db0cb4522acd795c3928f6d6 52995 utils optional openssl_0.9.8g-4ubuntu3.3.diff.gz 83dd3171aaec522bb5542de6b620c9a0 17402 raw-translations - openssl_0.9.8g-4ubuntu3.3_sparc_translations.tar.gz ffe5e48d1e71e27bd8adf064f4adcc64 397828 utils optional openssl_0.9.8g-4ubuntu3.3_sparc.deb 37861360b67b2ce0b038e49ea4a6ae67 2241472 libs important libssl0.9.8_0.9.8g-4ubuntu3.3_sparc.deb d065856a7822c4d5f5382b1ad1a652fe 559658 debian-installer optional libcrypto0.9.8-udeb_0.9.8g-4ubuntu3.3_sparc.udeb c82132370120b65e6e278df0755eb1a6 1984612 libdevel optional libssl-dev_0.9.8g-4ubuntu3.3_sparc.deb dfcf08c38728d64842da3f378639b191 3873772 libdevel extra libssl0.9.8-dbg_0.9.8g-4ubuntu3.3_sparc.deb Package-Type: udeb Launchpad-Bugs-Fixed: 235913 Original-Maintainer: Debian OpenSSL Team