Format: 1.8
Date: Thu, 22 Sep 2016 13:38:15 -0400
Source: openssl
Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg
Architecture: powerpc powerpc_translations
Version: 1.0.1f-1ubuntu2.20
Distribution: trusty
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@denneed03.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 libcrypto1.0.0-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl-doc - Secure Sockets Layer toolkit - development documentation
 libssl1.0.0 - Secure Sockets Layer toolkit - shared libraries
 libssl1.0.0-dbg - Secure Sockets Layer toolkit - debug information
 libssl1.0.0-udeb - ssl shared library - udeb (udeb)
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
Launchpad-Bugs-Fixed: 1622500
Changes: 
 openssl (1.0.1f-1ubuntu2.20) trusty-security; urgency=medium
 .
   * SECURITY UPDATE: Constant time flag not preserved in DSA signing
     - debian/patches/CVE-2016-2178-*.patch: preserve BN_FLG_CONSTTIME in
       crypto/dsa/dsa_ossl.c.
     - CVE-2016-2178
   * SECURITY UPDATE: DTLS buffered message DoS
     - debian/patches/CVE-2016-2179.patch: fix queue handling in
       ssl/d1_both.c, ssl/d1_clnt.c, ssl/d1_lib.c, ssl/d1_srvr.c,
       ssl/ssl_locl.h.
     - CVE-2016-2179
   * SECURITY UPDATE: OOB read in TS_OBJ_print_bio()
     - debian/patches/CVE-2016-2180.patch: fix text handling in
       crypto/ts/ts_lib.c.
     - CVE-2016-2180
   * SECURITY UPDATE: DTLS replay protection DoS
     - debian/patches/CVE-2016-2181-1.patch: properly handle unprocessed
       records in ssl/d1_pkt.c.
     - debian/patches/CVE-2016-2181-2.patch: protect against replay attacks
       in ssl/d1_pkt.c, ssl/ssl.h, ssl/ssl_err.c.
     - debian/patches/CVE-2016-2181-3.patch: update error code in ssl/ssl.h.
     - CVE-2016-2181
   * SECURITY UPDATE: OOB write in BN_bn2dec()
     - debian/patches/CVE-2016-2182.patch: don't overflow buffer in
       crypto/bn/bn_print.c.
     - CVE-2016-2182
   * SECURITY UPDATE: SWEET32 Mitigation
     - debian/patches/CVE-2016-2183.patch: move DES ciphersuites from HIGH
       to MEDIUM in ssl/s3_lib.c.
     - CVE-2016-2183
   * SECURITY UPDATE: Malformed SHA512 ticket DoS
     - debian/patches/CVE-2016-6302.patch: sanity check ticket length in
       ssl/t1_lib.c.
     - CVE-2016-6302
   * SECURITY UPDATE: OOB write in MDC2_Update()
     - debian/patches/CVE-2016-6303.patch: avoid overflow in
       crypto/mdc2/mdc2dgst.c.
     - CVE-2016-6303
   * SECURITY UPDATE: OCSP Status Request extension unbounded memory growth
     - debian/patches/CVE-2016-6304.patch: remove OCSP_RESPIDs from previous
       handshake in ssl/t1_lib.c.
     - CVE-2016-6304
   * SECURITY UPDATE: Certificate message OOB reads
     - debian/patches/CVE-2016-6306-1.patch: check lengths in ssl/s3_clnt.c,
       ssl/s3_srvr.c.
     - debian/patches/CVE-2016-6306-2.patch: make message buffer slightly
       larger in ssl/d1_both.c, ssl/s3_both.c.
     - CVE-2016-6306
   * SECURITY REGRESSION: DTLS regression (LP: #1622500)
     - debian/patches/CVE-2014-3571-3.patch: make DTLS always act as if
       read_ahead is set in ssl/s3_pkt.c.
   * debian/patches/update-expired-smime-test-certs.patch: Update test
     certificates that have expired and caused build test failures.
Checksums-Sha1: 
 deb8286311d42404aadb5b1d910f6358f5aaad8b 466620 openssl_1.0.1f-1ubuntu2.20_powerpc.deb
 7a23dcc61992cd7e70bed7266225968b2da59c38 691274 libssl1.0.0_1.0.1f-1ubuntu2.20_powerpc.deb
 5b4cdf05a8248b3517d65bd90c71906b85963a67 506040 libcrypto1.0.0-udeb_1.0.1f-1ubuntu2.20_powerpc.udeb
 7ee4ad4b5c1f247d6b4ccf99578cacd5c2a19c67 105922 libssl1.0.0-udeb_1.0.1f-1ubuntu2.20_powerpc.udeb
 faa75013b756b548af0b396a4a64881151333725 947986 libssl-dev_1.0.1f-1ubuntu2.20_powerpc.deb
 47af481e1dce3914b9649b80422b3dffc730df55 2694318 libssl1.0.0-dbg_1.0.1f-1ubuntu2.20_powerpc.deb
 e9c92c14b01fa7425bb482d426054e26b280c88a 1060 openssl-dbgsym_1.0.1f-1ubuntu2.20_powerpc.ddeb
 49121c9d7a97be34635e51f9715c8d5bba2afea5 902 libssl1.0.0-dbgsym_1.0.1f-1ubuntu2.20_powerpc.ddeb
 130d3b58b828861236831daf18fb0c70a34efc33 936 libcrypto1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.20_powerpc.ddeb
 4f744dc007565e1054b574b602dcb1f5ea166acd 820 libssl1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.20_powerpc.ddeb
 5eb23803a3e032201b5505fea6e8425d138f102a 924 libssl-dev-dbgsym_1.0.1f-1ubuntu2.20_powerpc.ddeb
 9ac76adc6be7a22ddd8247aaea22f975a8cbd3c5 20525 openssl_1.0.1f-1ubuntu2.20_powerpc_translations.tar.gz
Checksums-Sha256: 
 cd4ac4d20b9ab566f6d776c50a30a4e204529991fdac93e367a07cffd1c97303 466620 openssl_1.0.1f-1ubuntu2.20_powerpc.deb
 340b963d7b460dcf53a1a1f226f902b9a59b09c5d65f30bef748acaa6bae6ea6 691274 libssl1.0.0_1.0.1f-1ubuntu2.20_powerpc.deb
 4dfa13fa0f20c1eb9dc3c9619b45db7deabc66aa162aeb72905383fc032fba65 506040 libcrypto1.0.0-udeb_1.0.1f-1ubuntu2.20_powerpc.udeb
 e39cb663e48f5c8adb9d6dcd1576d03b62432c0abed6020dadbf8fc3c6ad5d99 105922 libssl1.0.0-udeb_1.0.1f-1ubuntu2.20_powerpc.udeb
 04e92929d9819ae45c02448c9454d5381ae496684f78485c37aee2ae83820627 947986 libssl-dev_1.0.1f-1ubuntu2.20_powerpc.deb
 80a64f499048de1a129ab31d9168ae7c6e59e67100a7ec2bbe2a19fc4f9c5976 2694318 libssl1.0.0-dbg_1.0.1f-1ubuntu2.20_powerpc.deb
 c29058dc76b16109c663efefc73892690297830850c907420d7049a3ee3d4858 1060 openssl-dbgsym_1.0.1f-1ubuntu2.20_powerpc.ddeb
 c4f64585adeb494ad76da1a06cc1e482d1c35b5b7382b744afcbb06fc6d2c18b 902 libssl1.0.0-dbgsym_1.0.1f-1ubuntu2.20_powerpc.ddeb
 84a601adc9c88ff1b7d9564e89803d3903be0ab9c80e6db65f7772fe678a5e6f 936 libcrypto1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.20_powerpc.ddeb
 af57bda3a0bbc1be718e50d052663f67b2a05559d924ce809224ebe60d83682e 820 libssl1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.20_powerpc.ddeb
 f1c13d0399112c661cac6c195d31f24a9f8a22b8364395f3ccc201e93f910ca0 924 libssl-dev-dbgsym_1.0.1f-1ubuntu2.20_powerpc.ddeb
 d1fcd213d57b63e161ba56bebc5544d688563f2a58c3b764575f2aa6d91eb12c 20525 openssl_1.0.1f-1ubuntu2.20_powerpc_translations.tar.gz
Files: 
 09e39d302e6bd94d4f31e4f7163418e7 466620 utils optional openssl_1.0.1f-1ubuntu2.20_powerpc.deb
 b6c89c4ee8216f04bd63544b6ca9cd7c 691274 libs important libssl1.0.0_1.0.1f-1ubuntu2.20_powerpc.deb
 fb4b0fdba4f0e2c989b44bd5a0e9bba4 506040 debian-installer optional libcrypto1.0.0-udeb_1.0.1f-1ubuntu2.20_powerpc.udeb
 a8093320cd1ea92656ca7c9ec13f7f54 105922 debian-installer optional libssl1.0.0-udeb_1.0.1f-1ubuntu2.20_powerpc.udeb
 982d3cf11897a0d8c9576469af0fec5c 947986 libdevel optional libssl-dev_1.0.1f-1ubuntu2.20_powerpc.deb
 42f20ae6c45e0a3a72c8fad56ab58873 2694318 debug extra libssl1.0.0-dbg_1.0.1f-1ubuntu2.20_powerpc.deb
 1086a0284257d46096d557cf2bd47908 1060 utils extra openssl-dbgsym_1.0.1f-1ubuntu2.20_powerpc.ddeb
 9fef3c4a3ee6cccd953f706491c72858 902 libs extra libssl1.0.0-dbgsym_1.0.1f-1ubuntu2.20_powerpc.ddeb
 f9a9c8d3e56ad2d63a2d3f741bf41adf 936 debian-installer extra libcrypto1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.20_powerpc.ddeb
 2d8aeffa5fc1eca75c9e2e868ca62df3 820 debian-installer extra libssl1.0.0-udeb-dbgsym_1.0.1f-1ubuntu2.20_powerpc.ddeb
 05e7f3cc91c75220d45096de11f171c4 924 libdevel extra libssl-dev-dbgsym_1.0.1f-1ubuntu2.20_powerpc.ddeb
 d959d11fb7123b57795246b9336d81b3 20525 raw-translations - openssl_1.0.1f-1ubuntu2.20_powerpc_translations.tar.gz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
Package-Type: udeb