openssl 1.1.1-1ubuntu2.1~18.04.6 source package in Ubuntu

Changelog

openssl (1.1.1-1ubuntu2.1~18.04.6) bionic-security; urgency=medium

  * SECURITY UPDATE: ECDSA remote timing attack
    - debian/patches/CVE-2019-1547.patch: for ECC parameters with NULL or
      zero cofactor, compute it in crypto/ec/ec_lib.c.
    - CVE-2019-1547
  * SECURITY UPDATE: Fork Protection
    - debian/patches/CVE-2019-1549.patch: ensure fork-safety without using
      a pthread_atfork handler in crypto/include/internal/rand_int.h,
      crypto/init.c, crypto/rand/drbg_lib.c, crypto/rand/rand_lcl.h,
      crypto/rand/rand_lib.c, crypto/threads_none.c,
      crypto/threads_pthread.c, crypto/threads_win.c,
      include/internal/cryptlib.h, test/drbgtest.c.
    - CVE-2019-1549
  * SECURITY UPDATE: rsaz_512_sqr overflow bug on x86_64
    - debian/patches/CVE-2019-1551.patch: fix an overflow bug in
      rsaz_512_sqr in crypto/bn/asm/rsaz-x86_64.pl.
    - CVE-2019-1551
  * SECURITY UPDATE: Padding Oracle issue
    - debian/patches/CVE-2019-1563.patch: fix a padding oracle in
      PKCS7_dataDecode and CMS_decrypt_set1_pkey in crypto/cms/cms_env.c,
      crypto/cms/cms_lcl.h, crypto/cms/cms_smime.c,
      crypto/pkcs7/pk7_doit.c.
    - CVE-2019-1563

 -- Marc Deslauriers <email address hidden>  Wed, 27 May 2020 15:15:54 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2020-05-27
Uploaded to:
Bionic
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
utils
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
openssl_1.1.1.orig.tar.gz 8.0 MiB 2836875a0f89c03d0fdf483941512613a50cfb421d6fd94b9f41d7279d586a3d
openssl_1.1.1.orig.tar.gz.asc 488 bytes f3296150114069ea73a72eafbfdcbb295b770e7cbf3266f9590f3d0932498b3e
openssl_1.1.1-1ubuntu2.1~18.04.6.debian.tar.xz 102.2 KiB 8251b6f87af26364a341f7beeeef26ed99c7f90819804dba3c1e6bf2f698bb99
openssl_1.1.1-1ubuntu2.1~18.04.6.dsc 2.7 KiB e35516df9f2b2798065730bbc87f1b5a6b87ff4716f5ae2d3ed4a2ce32f7029f

View changes file

Binary packages built by this source

libcrypto1.1-udeb: Secure Sockets Layer toolkit - libcrypto udeb

 This package is part of the OpenSSL project's implementation of the SSL
 and TLS cryptographic protocols for secure communication over the
 Internet.
 .
 It contains a version of the libcrypto shared library for use with the
 Debian Installer. Do not install it on a normal system.

libssl-dev: Secure Sockets Layer toolkit - development files

 This package is part of the OpenSSL project's implementation of the SSL
 and TLS cryptographic protocols for secure communication over the
 Internet.
 .
 It contains development libraries, header files, and manpages for libssl
 and libcrypto.

libssl-doc: Secure Sockets Layer toolkit - development documentation

 This package is part of the OpenSSL project's implementation of the SSL
 and TLS cryptographic protocols for secure communication over the
 Internet.
 .
 It contains manpages and demo files for libssl and libcrypto.

libssl1.1: Secure Sockets Layer toolkit - shared libraries

 This package is part of the OpenSSL project's implementation of the SSL
 and TLS cryptographic protocols for secure communication over the
 Internet.
 .
 It provides the libssl and libcrypto shared libraries.

libssl1.1-dbgsym: debug symbols for libssl1.1
libssl1.1-udeb: ssl shared library - udeb

 libssl shared library.
 .
 Do not install it on a normal system.

openssl: Secure Sockets Layer toolkit - cryptographic utility

 This package is part of the OpenSSL project's implementation of the SSL
 and TLS cryptographic protocols for secure communication over the
 Internet.
 .
 It contains the general-purpose command line binary /usr/bin/openssl,
 useful for cryptographic operations such as:
  * creating RSA, DH, and DSA key parameters;
  * creating X.509 certificates, CSRs, and CRLs;
  * calculating message digests;
  * encrypting and decrypting with ciphers;
  * testing SSL/TLS clients and servers;
  * handling S/MIME signed or encrypted mail.

openssl-dbgsym: debug symbols for openssl