Format: 1.8 Date: Tue, 21 Apr 2020 16:31:58 +0200 Source: openssl Architecture: source Version: 1.1.1g-1+ubuntu18.04.1+deb.sury.org+1 Distribution: bionic Urgency: medium Maintainer: Debian OpenSSL Team Changed-By: Ondřej Surý Closes: 875423 907631 910459 911389 912067 913558 923516 926315 941765 941987 947949 955442 Changes: openssl (1.1.1g-1+ubuntu18.04.1+deb.sury.org+1) bionic; urgency=medium . * No-change backport to bionic . openssl (1.1.1g-1) unstable; urgency=medium . * New upstream version . openssl (1.1.1f-1) unstable; urgency=medium . * New upstream version - Revert the change of EOF detection to avoid regressions in applications. (Closes: #955442). . openssl (1.1.1e-1) unstable; urgency=medium . * Use dh-compat level 12. * New upstream version - CVE-2019-1551 (Overflow in the x64_64 Montgomery squaring procedure), (Closes: #947949). * Update symbol list. * Update Standards-Version to 4.5.0. No changes required. * Add musl configurations (Closes: #941765). . openssl (1.1.1d-2) unstable; urgency=medium . * Reenable AES-CBC-HMAC-SHA ciphers (Closes: #941987). . openssl (1.1.1d-1) unstable; urgency=medium . * New upstream version - CVE-2019-1549 (Fixed a fork protection issue). - CVE-2019-1547 (Compute ECC cofactors if not provided during EC_GROUP construction). - CVE-2019-1563 (Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey). * Update symbol list . openssl (1.1.1c-1) unstable; urgency=medium . * New upstream version - CVE-2019-1543 (Prevent over long nonces in ChaCha20-Poly1305) * Update symbol list . openssl (1.1.1b-2) unstable; urgency=medium . * Fix BUF_MEM regression (Closes: #923516) * Fix error when config can't be opened (Closes: #926315) * Ship an openssl.cnf in libssl1.1-udeb.dirs . openssl (1.1.1b-1) unstable; urgency=medium . [ Sebastian Andrzej Siewior ] * Add Breaks on lighttpd (Closes: #913558). . [ Kurt Roeckx ] * New upstream version * Update symbol list . openssl (1.1.1a-1) unstable; urgency=medium . * Add Breaks on python-boto (See: #909545) * New upstream version - CVE-2018-0734 (Timing vulnerability in DSA signature generation) - CVE-2018-0735 (Timing vulnerability in ECDSA signature generation) - Update symbol file for 1.1.1a . openssl (1.1.1-2) unstable; urgency=medium . [ Sebastian Andrzej Siewior ] * Add Breaks on isync (See: #906955) * Fix autopkgtest (Closes: #910459) . [ Kurt Roeckx ] * Add Breaks on python-imaplib2 (See: #907079) * Add news entry regarding default TLS version and security level (Closes: #875423, #907631, #911389, #912067). Checksums-Sha1: 50e9aa3dc7f9dfd7d539d68dcf812203e77726cf 2612 openssl_1.1.1g-1+ubuntu18.04.1+deb.sury.org+1.dsc 9f555c03ccc333e7ab8e9e295a37e4ef9e5cfeee 9975389 openssl_1.1.1g.orig.tar.gz 371a8790a2c99f30e75e8b8883aedb1dde5f36ff 83984 openssl_1.1.1g-1+ubuntu18.04.1+deb.sury.org+1.debian.tar.xz 3aaa8a23c01c36cf4a088b8d4ac466a1dd19db1d 7900 openssl_1.1.1g-1+ubuntu18.04.1+deb.sury.org+1_source.buildinfo Checksums-Sha256: 777712c27d20f1e915a07cff52d81d3b12667499367a6db0aa83dc4b069ebbfb 2612 openssl_1.1.1g-1+ubuntu18.04.1+deb.sury.org+1.dsc 6e2ab033c80acf353f804c85d554c4fe40cf6941a04b1a8185c30b95caf86396 9975389 openssl_1.1.1g.orig.tar.gz 0f2b424b7b13097ac5ffe5dcda73f542dbba66b4bc7d7c3612bf7ab07422e9cc 83984 openssl_1.1.1g-1+ubuntu18.04.1+deb.sury.org+1.debian.tar.xz a3a01e68eed54cbe4b1c1f0acd48bb11193d335743918e32c958a90328345e07 7900 openssl_1.1.1g-1+ubuntu18.04.1+deb.sury.org+1_source.buildinfo Files: ca3e2bf89660a802fc8c859282f8a62a 2612 utils optional openssl_1.1.1g-1+ubuntu18.04.1+deb.sury.org+1.dsc a4274921111cf75657b23357d7b8e3b5 9975389 utils optional openssl_1.1.1g.orig.tar.gz cc2c07ae3324c6ac1a0ce4da5cfa0034 83984 utils optional openssl_1.1.1g-1+ubuntu18.04.1+deb.sury.org+1.debian.tar.xz b93afff096aebef2d68600a4c7d8c3fd 7900 utils optional openssl_1.1.1g-1+ubuntu18.04.1+deb.sury.org+1_source.buildinfo