Format: 1.8 Date: Fri, 09 Jan 2015 09:47:17 -0500 Source: openssl Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg Architecture: arm64 arm64_translations Version: 1.0.1f-1ubuntu9.1 Distribution: utopic Urgency: medium Maintainer: Ubuntu Build Daemon Changed-By: Marc Deslauriers Description: libcrypto1.0.0-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb) libssl-dev - Secure Sockets Layer toolkit - development files libssl-doc - Secure Sockets Layer toolkit - development documentation libssl1.0.0 - Secure Sockets Layer toolkit - shared libraries libssl1.0.0-dbg - Secure Sockets Layer toolkit - debug information libssl1.0.0-udeb - ssl shared library - udeb (udeb) openssl - Secure Sockets Layer toolkit - cryptographic utility Changes: openssl (1.0.1f-1ubuntu9.1) utopic-security; urgency=medium . * SECURITY UPDATE: denial of service via unexpected handshake when no-ssl3 build option is used (not the default) - debian/patches/CVE-2014-3569.patch: keep the old method for now in ssl/s23_srvr.c. - CVE-2014-3569 * SECURITY UPDATE: bignum squaring may produce incorrect results - debian/patches/CVE-2014-3570.patch: fix bignum logic in crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, crypto/bn/bn_asm.c, removed crypto/bn/asm/mips3.s, added test to crypto/bn/bntest.c. - CVE-2014-3570 * SECURITY UPDATE: DTLS segmentation fault in dtls1_get_record - debian/patches/CVE-2014-3571-1.patch: fix crash in ssl/d1_pkt.c, ssl/s3_pkt.c. - debian/patches/CVE-2014-3571-2.patch: make code more obvious in ssl/d1_pkt.c. - CVE-2014-3571 * SECURITY UPDATE: ECDHE silently downgrades to ECDH [Client] - debian/patches/CVE-2014-3572.patch: don't skip server key exchange in ssl/s3_clnt.c. - CVE-2014-3572 * SECURITY UPDATE: certificate fingerprints can be modified - debian/patches/CVE-2014-8275.patch: fix various fingerprint issues in crypto/asn1/a_bitstr.c, crypto/asn1/a_type.c, crypto/asn1/a_verify.c, crypto/asn1/asn1.h, crypto/asn1/asn1_err.c, crypto/asn1/x_algor.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, crypto/x509/x509.h, crypto/x509/x_all.c. - CVE-2014-8275 * SECURITY UPDATE: RSA silently downgrades to EXPORT_RSA [Client] - debian/patches/CVE-2015-0204.patch: only allow ephemeral RSA keys in export ciphersuites in ssl/d1_srvr.c, ssl/s3_clnt.c, ssl/s3_srvr.c, ssl/ssl.h, adjust documentation in doc/ssl/SSL_CTX_set_options.pod, doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod. - CVE-2015-0204 * SECURITY UPDATE: DH client certificates accepted without verification - debian/patches/CVE-2015-0205.patch: prevent use of DH client certificates without sending certificate verify message in ssl/s3_srvr.c. - CVE-2015-0205 * SECURITY UPDATE: DTLS memory leak in dtls1_buffer_record - debian/patches/CVE-2015-0206.patch: properly handle failures in ssl/d1_pkt.c. - CVE-2015-0206 Checksums-Sha1: f7d8c583e48bbc95e2e2e1a0a1fd042cfeabc578 474496 openssl_1.0.1f-1ubuntu9.1_arm64.deb 907b43d3b6499dc22a71133c11c6f093e54e5970 675000 libssl1.0.0_1.0.1f-1ubuntu9.1_arm64.deb 1c5d3e76ee6dec8c177ec8fdc87b9459b01b9071 488868 libcrypto1.0.0-udeb_1.0.1f-1ubuntu9.1_arm64.udeb 3858495ee95898755357bf6d9ec2862bdc9f7093 100206 libssl1.0.0-udeb_1.0.1f-1ubuntu9.1_arm64.udeb c0e57eb43d6f3aee71037c58752ad09f52855521 961316 libssl-dev_1.0.1f-1ubuntu9.1_arm64.deb 5617061f27c7f051a72ba0d699b0c3dadab291f2 2707058 libssl1.0.0-dbg_1.0.1f-1ubuntu9.1_arm64.deb 8a1f989d4f3455ffabd5d12a9c60e8774926837a 20540 openssl_1.0.1f-1ubuntu9.1_arm64_translations.tar.gz Checksums-Sha256: 216989251bafd68d9b355a595ebf3b6a5683866813c3c6bd75b714c03197a597 474496 openssl_1.0.1f-1ubuntu9.1_arm64.deb 013af93170d51e0f53c06d0d0563d6d8fa6e795464d13b8797a6a0d194732fb3 675000 libssl1.0.0_1.0.1f-1ubuntu9.1_arm64.deb 77b2bcecbc6725258c39ce183f2356fcba20a9e15c683294690e4f094b9ea897 488868 libcrypto1.0.0-udeb_1.0.1f-1ubuntu9.1_arm64.udeb ceb83fb1c5397ad2585eea73eff37ae9a7bb45bd53f59ec4c2885b95fd939521 100206 libssl1.0.0-udeb_1.0.1f-1ubuntu9.1_arm64.udeb f449913cf51e64dcb643a535395502c39b8f2f2a42873c6a0cb10553655e9849 961316 libssl-dev_1.0.1f-1ubuntu9.1_arm64.deb 5569618b2e2b319397a4216ee9bc3ae9a907912d2bd13d411ea23b846a4c6db4 2707058 libssl1.0.0-dbg_1.0.1f-1ubuntu9.1_arm64.deb d813f6b28f4a79d962a92ea87a525f650220c3d4a5538b3d29b867ceb7154c80 20540 openssl_1.0.1f-1ubuntu9.1_arm64_translations.tar.gz Files: 831c410791ed100032cf87228941ad22 474496 utils optional openssl_1.0.1f-1ubuntu9.1_arm64.deb a8d87f7bae9c1210a847b8a0e1f4a05a 675000 libs important libssl1.0.0_1.0.1f-1ubuntu9.1_arm64.deb df60cdcdd798f0ac5e84e30002ecf9fe 488868 debian-installer optional libcrypto1.0.0-udeb_1.0.1f-1ubuntu9.1_arm64.udeb bf27ae077fbfc579dd0da8b43c1c74bc 100206 debian-installer optional libssl1.0.0-udeb_1.0.1f-1ubuntu9.1_arm64.udeb 150ef653e6aa19164497341458bd7b73 961316 libdevel optional libssl-dev_1.0.1f-1ubuntu9.1_arm64.deb 665a17fe661ce606380867330f95c2a4 2707058 debug extra libssl1.0.0-dbg_1.0.1f-1ubuntu9.1_arm64.deb 82f5ad12fff083638c9eefa04c719054 20540 raw-translations - openssl_1.0.1f-1ubuntu9.1_arm64_translations.tar.gz Original-Maintainer: Debian OpenSSL Team Package-Type: udeb