Format: 1.8 Date: Thu, 07 Aug 2014 08:48:43 -0400 Source: openssl Binary: openssl openssl-doc libssl0.9.8 libcrypto0.9.8-udeb libssl0.9.8-udeb libssl-dev libssl0.9.8-dbg Architecture: sparc sparc_translations Version: 0.9.8k-7ubuntu8.20 Distribution: lucid Urgency: medium Maintainer: Ubuntu/sparc Build Daemon Changed-By: Marc Deslauriers Description: libcrypto0.9.8-udeb - crypto shared library - udeb (udeb) libssl-dev - SSL development libraries, header files and documentation libssl0.9.8 - SSL shared libraries libssl0.9.8-dbg - Symbol tables for libssl and libcrypto libssl0.9.8-udeb - ssl shared library - udeb (udeb) openssl - Secure Socket Layer (SSL) binary and related cryptographic tools openssl-doc - Secure Socket Layer (SSL) documentation Changes: openssl (0.9.8k-7ubuntu8.20) lucid-security; urgency=medium . * SECURITY UPDATE: double free when processing DTLS packets - debian/patches/CVE-2014-3505.patch: fix double free in ssl/d1_both.c. - CVE-2014-3505 * SECURITY UPDATE: DTLS memory exhaustion - debian/patches/CVE-2014-3506.patch: fix DTLS handshake message size checks in ssl/d1_both.c. - CVE-2014-3506 * SECURITY UPDATE: information leak in pretty printing functions - debian/patches/CVE-2014-3508.patch: fix OID handling in crypto/asn1/a_object.c, crypto/objects/obj_dat.c, crypto/asn1/asn1.h, crypto/asn1/asn1_err.c. - CVE-2014-3508 * SECURITY UPDATE: DTLS anonymous EC(DH) denial of service - debian/patches/CVE-2014-3510.patch: check for server certs in ssl/d1_clnt.c, ssl/s3_clnt.c. - CVE-2014-3510 * SECURITY UPDATE: TLS protocol downgrade attack - debian/patches/CVE-2014-3511.patch: properly handle fragments in ssl/s23_srvr.c. - CVE-2014-3511 Checksums-Sha1: 3244caf45818663568d620e9823c4837b67c5b84 419314 openssl_0.9.8k-7ubuntu8.20_sparc.deb 807872a9d07258e108b397a371d1238351cb871f 2368884 libssl0.9.8_0.9.8k-7ubuntu8.20_sparc.deb 416df463a248cfb7502e5da426cda75d94088c88 598530 libcrypto0.9.8-udeb_0.9.8k-7ubuntu8.20_sparc.udeb 63750bfd072faa81569307b005d01548ee8ab7f4 129714 libssl0.9.8-udeb_0.9.8k-7ubuntu8.20_sparc.udeb f93700bfb3652b6d036237ddd24940f835e0f1c1 2070760 libssl-dev_0.9.8k-7ubuntu8.20_sparc.deb d0c6399ca20c5ca732c97e29b6d3d325b57e40f8 4149758 libssl0.9.8-dbg_0.9.8k-7ubuntu8.20_sparc.deb 33fa6b0de9b60f484d9216bf9e625b303496de26 18465 openssl_0.9.8k-7ubuntu8.20_sparc_translations.tar.gz Checksums-Sha256: cd63280adeeea7dbfce4ff470c17fd0596b9b3eaf3d0e9e6d6b9f9526b471ac4 419314 openssl_0.9.8k-7ubuntu8.20_sparc.deb f8e681bfe3b9621bf5cf5498ac8823ef71fb4ba8f29cb9bcf571ab1247baf401 2368884 libssl0.9.8_0.9.8k-7ubuntu8.20_sparc.deb e7c528a8a1407a897faae672c75e0ce4ab33435e8b7022678a888742b5708df0 598530 libcrypto0.9.8-udeb_0.9.8k-7ubuntu8.20_sparc.udeb 8448e3f8ed84c52a79feaed7917ff739e27bc0fd6a98209921f5c7923330f4e7 129714 libssl0.9.8-udeb_0.9.8k-7ubuntu8.20_sparc.udeb 53aadf003059790354ae3c9db6c803e2d87becbc70f8bc8e76452b324097db77 2070760 libssl-dev_0.9.8k-7ubuntu8.20_sparc.deb 715daeea674acd21e1e950ad27e9af597c4db13cfea74ec36d7cb6b223b050c2 4149758 libssl0.9.8-dbg_0.9.8k-7ubuntu8.20_sparc.deb e81e4e909c47cd890f2d26648432ef7d07167c799380610d6dad87d0f8614933 18465 openssl_0.9.8k-7ubuntu8.20_sparc_translations.tar.gz Files: 3eee64a0067edd698f0fc37fdbe5956e 419314 utils optional openssl_0.9.8k-7ubuntu8.20_sparc.deb 16a28be3d5b19db424499477adf2f18f 2368884 libs important libssl0.9.8_0.9.8k-7ubuntu8.20_sparc.deb 26e00d0720bfe56c5ca9925556cf4328 598530 debian-installer optional libcrypto0.9.8-udeb_0.9.8k-7ubuntu8.20_sparc.udeb 91c51fcaed5b215fbc77e7579f13593d 129714 debian-installer optional libssl0.9.8-udeb_0.9.8k-7ubuntu8.20_sparc.udeb da4ec1a277afa15a48e2646493a58b11 2070760 libdevel optional libssl-dev_0.9.8k-7ubuntu8.20_sparc.deb 58dc8bbab8574a59e40b9af3a2fb0dc8 4149758 debug extra libssl0.9.8-dbg_0.9.8k-7ubuntu8.20_sparc.deb 50945b45a558d53b2d153247fbb489a4 18465 raw-translations - openssl_0.9.8k-7ubuntu8.20_sparc_translations.tar.gz Original-Maintainer: Debian OpenSSL Team Package-Type: udeb