Format: 1.8
Date: Wed, 20 Jun 2018 07:13:37 -0400
Source: openssl
Binary: openssl libssl1.1 libcrypto1.1-udeb libssl1.1-udeb libssl-dev libssl-doc
Architecture: arm64 arm64_translations
Version: 1.1.0g-2ubuntu5
Distribution: cosmic-proposed
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-arm64-014.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 libcrypto1.1-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl-doc - Secure Sockets Layer toolkit - development documentation
 libssl1.1  - Secure Sockets Layer toolkit - shared libraries
 libssl1.1-udeb - ssl shared library - udeb (udeb)
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
Changes:
 openssl (1.1.0g-2ubuntu5) cosmic; urgency=medium
 .
   * SECURITY UPDATE: ECDSA key extraction side channel
     - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA
       signature in crypto/ec/ecdsa_ossl.c.
     - CVE-2018-0495
   * SECURITY UPDATE: denial of service via long prime values
     - debian/patches/CVE-2018-0732.patch: reject excessively large primes
       in DH key generation in crypto/dh/dh_key.c.
     - CVE-2018-0732
   * SECURITY UPDATE: RSA cache timing side channel attack
     - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in
       crypto/rsa/rsa_gen.c.
     - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in
       crypto/rsa/rsa_gen.c.
     - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in
       crypto/rsa/rsa_gen.c.
     - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and
       BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in
       crypto/rsa/rsa_gen.c.
     - CVE-2018-0737
Checksums-Sha1:
 bfea04f330ea18467ac96a631165fdc87542ed92 767132 libcrypto1.1-udeb_1.1.0g-2ubuntu5_arm64.udeb
 93c758ec82606b230edcbf5576297b845e89e1d8 1188432 libssl-dev_1.1.0g-2ubuntu5_arm64.deb
 9e86d23ad2fdb368f1d3c959102b2b6360d222a0 2843508 libssl1.1-dbgsym_1.1.0g-2ubuntu5_arm64.ddeb
 b436781e51203dad98657503f11cc96ec0f1f36f 118288 libssl1.1-udeb_1.1.0g-2ubuntu5_arm64.udeb
 8622a03a0eb1e22d3522723741b7c073973f29a9 914132 libssl1.1_1.1.0g-2ubuntu5_arm64.deb
 d009f3a5928fad29b558b5735e542f664eb69d14 509572 openssl-dbgsym_1.1.0g-2ubuntu5_arm64.ddeb
 56dfcf1e06f802e6bd02c5922cc1d8a254d3d348 6795 openssl_1.1.0g-2ubuntu5_arm64.buildinfo
 68f721bb16e7d1dba96fd414bff58d3084e42bb7 505124 openssl_1.1.0g-2ubuntu5_arm64.deb
 20ce494f22dbaf9c190fc1e3517e5c0133a00572 20620 openssl_1.1.0g-2ubuntu5_arm64_translations.tar.gz
Checksums-Sha256:
 987528eab38581e83faa8ed8b4814c4ccf5de6c874f7ddb58f406340758604d8 767132 libcrypto1.1-udeb_1.1.0g-2ubuntu5_arm64.udeb
 7ce70528d8e7e7e40f0c1518afa699568a5753ac64cd3e8014027d32cddf15bd 1188432 libssl-dev_1.1.0g-2ubuntu5_arm64.deb
 2feb14c8858a227eec869a0ef8ce91a76862b3c7e3afabda9252ef896b5e0e06 2843508 libssl1.1-dbgsym_1.1.0g-2ubuntu5_arm64.ddeb
 4e0eb4bad57ed8173e7ff8bea10612f8e2e31f86c4ba2b2dc02502748236fc55 118288 libssl1.1-udeb_1.1.0g-2ubuntu5_arm64.udeb
 811d1cf46efb0451de3e969e06be00993512edb875be8bd4bcad0f3ded260a5b 914132 libssl1.1_1.1.0g-2ubuntu5_arm64.deb
 807645a56fbd25cab93a5cf239a239bd0bbd4f4f7b8db3a7b09c7717109d9dc0 509572 openssl-dbgsym_1.1.0g-2ubuntu5_arm64.ddeb
 18f0fcbba58d118c08d24121609b71356003a3648041c68c2d7b73d4376d4cbe 6795 openssl_1.1.0g-2ubuntu5_arm64.buildinfo
 125e1514c929274993ff6598d1900378c3482387c5056ec85a8c78a3889e959c 505124 openssl_1.1.0g-2ubuntu5_arm64.deb
 ac206cd29495af904e2cf7ec8d40157dd5ce4e15e6b3bc6b9557b5cd18d3e002 20620 openssl_1.1.0g-2ubuntu5_arm64_translations.tar.gz
Files:
 19fbb334084ef88a70aed1f3691b1495 767132 debian-installer optional libcrypto1.1-udeb_1.1.0g-2ubuntu5_arm64.udeb
 c32bbad3096fd1b5c87b75d35cff382f 1188432 libdevel optional libssl-dev_1.1.0g-2ubuntu5_arm64.deb
 f980a4e20381d87bf82f3f84a5ad449a 2843508 debug optional libssl1.1-dbgsym_1.1.0g-2ubuntu5_arm64.ddeb
 e1255e398e26861c6ae1d987cdfc1a94 118288 debian-installer optional libssl1.1-udeb_1.1.0g-2ubuntu5_arm64.udeb
 e89f6260d9049d1bef860215994b4777 914132 libs important libssl1.1_1.1.0g-2ubuntu5_arm64.deb
 b0aff9ddc844c150759efde5f313eb1a 509572 debug optional openssl-dbgsym_1.1.0g-2ubuntu5_arm64.ddeb
 0ead5b1441ff852aca8b42650b830a2b 6795 utils optional openssl_1.1.0g-2ubuntu5_arm64.buildinfo
 6d222345fae9f36d382a7cf89aa05da2 505124 utils optional openssl_1.1.0g-2ubuntu5_arm64.deb
 43d35ae92659a5a485d9f7aeae7f0c9b 20620 raw-translations - openssl_1.1.0g-2ubuntu5_arm64_translations.tar.gz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>