Format: 1.8 Date: Wed, 15 Oct 2014 13:17:00 -0400 Source: openssl Binary: openssl openssl-doc libssl0.9.8 libcrypto0.9.8-udeb libssl0.9.8-udeb libssl-dev libssl0.9.8-dbg Architecture: sparc sparc_translations Version: 0.9.8k-7ubuntu8.22 Distribution: lucid Urgency: medium Maintainer: Ubuntu/sparc Build Daemon Changed-By: Marc Deslauriers Description: libcrypto0.9.8-udeb - crypto shared library - udeb (udeb) libssl-dev - SSL development libraries, header files and documentation libssl0.9.8 - SSL shared libraries libssl0.9.8-dbg - Symbol tables for libssl and libcrypto libssl0.9.8-udeb - ssl shared library - udeb (udeb) openssl - Secure Socket Layer (SSL) binary and related cryptographic tools openssl-doc - Secure Socket Layer (SSL) documentation Changes: openssl (0.9.8k-7ubuntu8.22) lucid-security; urgency=medium . * SECURITY UPDATE: denial of service via session ticket integrity check memory leak - debian/patches/CVE-2014-3567.patch: perform cleanup in ssl/t1_lib.c. - CVE-2014-3567 * SECURITY UPDATE: fix the no-ssl3 build option - debian/patches/CVE-2014-3568.patch: fix conditional code in ssl/s23_clnt.c, ssl/s23_srvr.c. - CVE-2014-3568 * SECURITY IMPROVEMENT: Added TLS_FALLBACK_SCSV support to mitigate a protocol downgrade attack to SSLv3 that exposes the POODLE attack. - debian/patches/tls_fallback_scsv_support.patch: added support for TLS_FALLBACK_SCSV in apps/s_client.c, crypto/err/openssl.ec, ssl/d1_lib.c, ssl/dtls1.h, ssl/s23_clnt.c, ssl/s23_srvr.c, ssl/s2_lib.c, ssl/s3_enc.c, ssl/s3_lib.c, ssl/ssl.h, ssl/ssl3.h, ssl/ssl_err.c, ssl/ssl_lib.c, ssl/t1_enc.c, ssl/tls1.h, ssl/ssl_locl.h, doc/apps/s_client.pod, doc/ssl/SSL_CTX_set_mode.pod. Checksums-Sha1: 8be087fb42c8ab26e53e82cb959e5b9370f893e0 419442 openssl_0.9.8k-7ubuntu8.22_sparc.deb 413ae0705c95d914231e7a39fd4bf6b34c72fdf4 2370464 libssl0.9.8_0.9.8k-7ubuntu8.22_sparc.deb 47bea38e1ea8ac7607a8a9424fcd9e22f7d72e98 598534 libcrypto0.9.8-udeb_0.9.8k-7ubuntu8.22_sparc.udeb e23c492cc6cb5b08db4281d8d78e7b8c19fcfea0 130234 libssl0.9.8-udeb_0.9.8k-7ubuntu8.22_sparc.udeb f3a6f47ecbcf68367361818e1e1dcdf2a2b67375 2072096 libssl-dev_0.9.8k-7ubuntu8.22_sparc.deb b586b09a5d89cf91c941a9b045fdec411ca76c62 4151136 libssl0.9.8-dbg_0.9.8k-7ubuntu8.22_sparc.deb 0ce526beb7de90e7f36384044cb0cf2a0b3aab8f 18462 openssl_0.9.8k-7ubuntu8.22_sparc_translations.tar.gz Checksums-Sha256: 5cde085de647d67e7d5b15358c70a8c0623db91ce98ee86fc572c109854d6f20 419442 openssl_0.9.8k-7ubuntu8.22_sparc.deb 7a4c7cd3a12f8a2f1cdba0ee6cf3cdfc824ee3aa25fed065e3e4d8fa5d8025f4 2370464 libssl0.9.8_0.9.8k-7ubuntu8.22_sparc.deb e3e542d616aad3148dc6ec6ab565cbe8b0c7bf315050aeed8efcac47863a0148 598534 libcrypto0.9.8-udeb_0.9.8k-7ubuntu8.22_sparc.udeb 57b262a37833a70b862ec78933c104ed6115eb4684fff9fd1b36fad661d7e0f4 130234 libssl0.9.8-udeb_0.9.8k-7ubuntu8.22_sparc.udeb d6a6378b62b22641e5905aeff207ed7a1bf9917f41280338bf1d3d37f4fa6b4c 2072096 libssl-dev_0.9.8k-7ubuntu8.22_sparc.deb 24f3fb3b48a22af1d62713ec6ab4acbe0a0f8f7760ebcb524342e5660bc95fce 4151136 libssl0.9.8-dbg_0.9.8k-7ubuntu8.22_sparc.deb 05673cea772691355ac47fa14c5e74987b852b34289291e486800fa45a6f18d5 18462 openssl_0.9.8k-7ubuntu8.22_sparc_translations.tar.gz Files: 0ebc1cd8f8f800fb3aece26cd4cf90e2 419442 utils optional openssl_0.9.8k-7ubuntu8.22_sparc.deb 69acd03dfda71799de69d070542fdb84 2370464 libs important libssl0.9.8_0.9.8k-7ubuntu8.22_sparc.deb 24f31df1e148d43e72c8de2220e80abd 598534 debian-installer optional libcrypto0.9.8-udeb_0.9.8k-7ubuntu8.22_sparc.udeb 5921f0dc8f4d5309f3fec08293a91418 130234 debian-installer optional libssl0.9.8-udeb_0.9.8k-7ubuntu8.22_sparc.udeb 67a51e0a8a71ba0759e879e9f187d19d 2072096 libdevel optional libssl-dev_0.9.8k-7ubuntu8.22_sparc.deb 525c9b756a686c248b213319dab4a835 4151136 debug extra libssl0.9.8-dbg_0.9.8k-7ubuntu8.22_sparc.deb 2a81cb825fec6a159ee691047a5e6618 18462 raw-translations - openssl_0.9.8k-7ubuntu8.22_sparc_translations.tar.gz Original-Maintainer: Debian OpenSSL Team Package-Type: udeb