Format: 1.8 Date: Wed, 20 Jun 2018 07:38:22 -0400 Source: openssl Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg Architecture: ppc64el ppc64el_translations Version: 1.0.2g-1ubuntu4.13 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: libcrypto1.0.0-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb) libssl-dev - Secure Sockets Layer toolkit - development files libssl-doc - Secure Sockets Layer toolkit - development documentation libssl1.0.0 - Secure Sockets Layer toolkit - shared libraries libssl1.0.0-dbg - Secure Sockets Layer toolkit - debug information libssl1.0.0-udeb - ssl shared library - udeb (udeb) openssl - Secure Sockets Layer toolkit - cryptographic utility Changes: openssl (1.0.2g-1ubuntu4.13) xenial-security; urgency=medium . * SECURITY UPDATE: ECDSA key extraction side channel - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA signature in crypto/ecdsa/ecdsatest.c, crypto/ecdsa/ecs_ossl.c. - CVE-2018-0495 * SECURITY UPDATE: denial of service via long prime values - debian/patches/CVE-2018-0732.patch: reject excessively large primes in DH key generation in crypto/dh/dh_key.c. - CVE-2018-0732 * SECURITY UPDATE: RSA cache timing side channel attack (previous update was incomplete) - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in crypto/rsa/rsa_gen.c. - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in crypto/rsa/rsa_gen.c. - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in crypto/rsa/rsa_gen.c. - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in crypto/rsa/rsa_gen.c. - CVE-2018-0737 Checksums-Sha1: 459019403b777836ac8103e5cccbaeb1df983872 940 libcrypto1.0.0-udeb-dbgsym_1.0.2g-1ubuntu4.13_ppc64el.ddeb 42152c39b87434517d8e8e61a52ce3136e0f43de 611734 libcrypto1.0.0-udeb_1.0.2g-1ubuntu4.13_ppc64el.udeb b28c5c59d182090c5ea3f963cf86e731ab8c078e 926 libssl-dev-dbgsym_1.0.2g-1ubuntu4.13_ppc64el.ddeb dc14add3cdde76ecac1510d6c5045400fc84e554 1181036 libssl-dev_1.0.2g-1ubuntu4.13_ppc64el.deb a9f57dc20f84a3cbccaa21fd5aa8cb959e8aa6a0 2934472 libssl1.0.0-dbg_1.0.2g-1ubuntu4.13_ppc64el.deb 36f670cbd565c28fa73848e277eb13f3d3717530 904 libssl1.0.0-dbgsym_1.0.2g-1ubuntu4.13_ppc64el.ddeb 462727a584ae3d34934e6d90922abee8716af2d6 822 libssl1.0.0-udeb-dbgsym_1.0.2g-1ubuntu4.13_ppc64el.ddeb 4ed620d1608e18e2d785a1fd5a96611b861d66b7 130362 libssl1.0.0-udeb_1.0.2g-1ubuntu4.13_ppc64el.udeb 41f30e5b8fc8e6df6c6e6fb12db51b7f68b1977c 833390 libssl1.0.0_1.0.2g-1ubuntu4.13_ppc64el.deb 8e4b87bfc41ddec0f8f5f91f3956c49f7bcbfebb 1064 openssl-dbgsym_1.0.2g-1ubuntu4.13_ppc64el.ddeb fc874e559e7b9a4b86e2bf6fa6f6a8cd36cf1390 481266 openssl_1.0.2g-1ubuntu4.13_ppc64el.deb f61d33ead9947b3371c3f805f152a34c533ae525 20588 openssl_1.0.2g-1ubuntu4.13_ppc64el_translations.tar.gz Checksums-Sha256: 1f16a6633729fe40afa25cdf872678c042e111e1e67f6807433edad523b21f9a 940 libcrypto1.0.0-udeb-dbgsym_1.0.2g-1ubuntu4.13_ppc64el.ddeb b65fc1924a6e4a8ed86a5acf53fde502280a33c9170c794d9a3ae2dd1cb6f5dd 611734 libcrypto1.0.0-udeb_1.0.2g-1ubuntu4.13_ppc64el.udeb 14086547fc4e51b102d7a3f9b086eba67548f9bf37d544778327dc252b51edae 926 libssl-dev-dbgsym_1.0.2g-1ubuntu4.13_ppc64el.ddeb 8e122b4438b71a67ba9b0816baca7fbca8b2e7a58717555bd8fee5f3ab0eb476 1181036 libssl-dev_1.0.2g-1ubuntu4.13_ppc64el.deb 4edc551e05665c2c4f3a923800f9dbdae1439bb5f9106e20e5e86acb73022eec 2934472 libssl1.0.0-dbg_1.0.2g-1ubuntu4.13_ppc64el.deb 4f12ae459847be36ccc40abaf72ede26bbf3328355d537491fb9cf5ffea4e2c2 904 libssl1.0.0-dbgsym_1.0.2g-1ubuntu4.13_ppc64el.ddeb 114d3372fe63b785eccd58b09b2e16bc1c6b3a4ae4b8ef8f2b784e42b51f6592 822 libssl1.0.0-udeb-dbgsym_1.0.2g-1ubuntu4.13_ppc64el.ddeb e585f84edbb51ad3bb79caf119d0a4f44a39e665c585a69bd7dc65484087bad2 130362 libssl1.0.0-udeb_1.0.2g-1ubuntu4.13_ppc64el.udeb 7ec203a26a653465b722c7a1343f0de2aec293c45d4515b39a1f75e3b0b6e9e7 833390 libssl1.0.0_1.0.2g-1ubuntu4.13_ppc64el.deb 9c60ece0bd699db0c25ac4d04223e5df19a47fba20ce9c20439875a9674ecc3e 1064 openssl-dbgsym_1.0.2g-1ubuntu4.13_ppc64el.ddeb f222e457a0e65c513075797bbae5539dfa35b0ea22c4978dfc962c8fe79fdd76 481266 openssl_1.0.2g-1ubuntu4.13_ppc64el.deb d9b28c79564a66150d4116360791e53646d83fd2e1134b3451bf6b1f156b6117 20588 openssl_1.0.2g-1ubuntu4.13_ppc64el_translations.tar.gz Files: 29ae820ecf1797676479c39d9ce55349 940 debian-installer extra libcrypto1.0.0-udeb-dbgsym_1.0.2g-1ubuntu4.13_ppc64el.ddeb 7713b56c0641ea8babbf44cc804a7fe1 611734 debian-installer optional libcrypto1.0.0-udeb_1.0.2g-1ubuntu4.13_ppc64el.udeb 7fb68d9cdb298aa7b651656f989e9d32 926 libdevel extra libssl-dev-dbgsym_1.0.2g-1ubuntu4.13_ppc64el.ddeb 0d416849e8e7be3301d816f045c0c9ae 1181036 libdevel optional libssl-dev_1.0.2g-1ubuntu4.13_ppc64el.deb 0038ba43be77269cbc578d43fb61da76 2934472 debug extra libssl1.0.0-dbg_1.0.2g-1ubuntu4.13_ppc64el.deb f715e1ce798bd9e894b60f6f1ef3bcb4 904 libs extra libssl1.0.0-dbgsym_1.0.2g-1ubuntu4.13_ppc64el.ddeb 2a54f70e18aab3239818661a8bf4d197 822 debian-installer extra libssl1.0.0-udeb-dbgsym_1.0.2g-1ubuntu4.13_ppc64el.ddeb b6faf6ddf6f94f337be94a57041a92b4 130362 debian-installer optional libssl1.0.0-udeb_1.0.2g-1ubuntu4.13_ppc64el.udeb bbec12bdcd7fdadc0e174adb372d9a02 833390 libs important libssl1.0.0_1.0.2g-1ubuntu4.13_ppc64el.deb b4dbb7c6fb5dd7fe1f6162114bd3fcb7 1064 utils extra openssl-dbgsym_1.0.2g-1ubuntu4.13_ppc64el.ddeb a51d5dc67868f3e77c379abda8ecd8e1 481266 utils optional openssl_1.0.2g-1ubuntu4.13_ppc64el.deb 5932a4303c442174949da2c2b3c95797 20588 raw-translations - openssl_1.0.2g-1ubuntu4.13_ppc64el_translations.tar.gz Original-Maintainer: Debian OpenSSL Team Package-Type: udeb