Format: 1.8
Date: Thu, 19 Mar 2015 10:05:54 -0400
Source: openssl
Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg
Architecture: powerpc powerpc_translations
Version: 1.0.1f-1ubuntu9.4
Distribution: utopic
Urgency: medium
Maintainer: Ubuntu/powerpc Build Daemon <buildd@sagari.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 libcrypto1.0.0-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl-doc - Secure Sockets Layer toolkit - development documentation
 libssl1.0.0 - Secure Sockets Layer toolkit - shared libraries
 libssl1.0.0-dbg - Secure Sockets Layer toolkit - debug information
 libssl1.0.0-udeb - ssl shared library - udeb (udeb)
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
Changes:
 openssl (1.0.1f-1ubuntu9.4) utopic-security; urgency=medium
 .
   * SECURITY UPDATE: denial of service and possible memory corruption via
     malformed EC private key
     - debian/patches/CVE-2015-0209.patch: fix use after free in
       crypto/ec/ec_asn1.c.
     - debian/patches/CVE-2015-0209-2.patch: fix a failure to NULL a pointer
       freed on error in crypto/asn1/x_x509.c, crypto/ec/ec_asn1.c.
     - CVE-2015-0209
   * SECURITY UPDATE: denial of service via cert verification
     - debian/patches/CVE-2015-0286.patch: handle boolean types in
       crypto/asn1/a_type.c.
     - CVE-2015-0286
   * SECURITY UPDATE: ASN.1 structure reuse memory corruption
     - debian/patches/CVE-2015-0287.patch: free up structures in
       crypto/asn1/tasn_dec.c.
     - CVE-2015-0287
   * SECURITY UPDATE: denial of service via invalid certificate key
     - debian/patches/CVE-2015-0288.patch: check public key isn't NULL in
       crypto/x509/x509_req.c.
     - CVE-2015-0288
   * SECURITY UPDATE: denial of service and possible code execution via
     PKCS#7 parsing
     - debian/patches/CVE-2015-0289.patch: handle missing content in
       crypto/pkcs7/pk7_doit.c, crypto/pkcs7/pk7_lib.c.
     - CVE-2015-0289
   * SECURITY UPDATE: denial of service or memory corruption via base64
     decoding
     - debian/patches/CVE-2015-0292.patch: prevent underflow in
       crypto/evp/encode.c.
     - CVE-2015-0292
   * SECURITY UPDATE: denial of service via assert in SSLv2 servers
     - debian/patches/CVE-2015-0293.patch: check key lengths in
       ssl/s2_lib.c, ssl/s2_srvr.c.
     - debian/patches/CVE-2015-0293-2.patch: fix unsigned/signed warnings in
       ssl/s2_srvr.c.
     - CVE-2015-0293
Checksums-Sha1:
 babfe0484ce8115434c3eb9265606294bf7479a9 466682 openssl_1.0.1f-1ubuntu9.4_powerpc.deb
 8d81e07fbb626ca6ebbf366f8444d8fbdee5a70c 696174 libssl1.0.0_1.0.1f-1ubuntu9.4_powerpc.deb
 d6e2c13ee1f0ff5e8c48139263373730d5084082 506574 libcrypto1.0.0-udeb_1.0.1f-1ubuntu9.4_powerpc.udeb
 e23c8bed98152e40215899437b075df47e08234a 106206 libssl1.0.0-udeb_1.0.1f-1ubuntu9.4_powerpc.udeb
 d6a0aeaccc64d453a336daa7d93e091d1da2643c 947094 libssl-dev_1.0.1f-1ubuntu9.4_powerpc.deb
 2681439133ebadbc33a68403be9f13d27d715888 2713280 libssl1.0.0-dbg_1.0.1f-1ubuntu9.4_powerpc.deb
 8239c4aa5bb4f5d385fe9f03b599ef52403887ef 20675 openssl_1.0.1f-1ubuntu9.4_powerpc_translations.tar.gz
Checksums-Sha256:
 a2af674be68abf56764f7872168d7f177681b622cbd9c52d696a97b2537db294 466682 openssl_1.0.1f-1ubuntu9.4_powerpc.deb
 4895d3c96b36ac625ad6f8c8d0974769d7035ec00cfd2f975093cdde696d44aa 696174 libssl1.0.0_1.0.1f-1ubuntu9.4_powerpc.deb
 43beb220c4f9f38e1423f21681fa772616be86ec2e23cc66a8d75a16f8807aa4 506574 libcrypto1.0.0-udeb_1.0.1f-1ubuntu9.4_powerpc.udeb
 3e4d5b9fb7dd6d18c88e4c3e7834dddb1264c413814287d7b7a7ac1ccfc37d75 106206 libssl1.0.0-udeb_1.0.1f-1ubuntu9.4_powerpc.udeb
 0af778e6e13cdee0264987baaccfe4c4493a705b56e30b182be23986c089eaf8 947094 libssl-dev_1.0.1f-1ubuntu9.4_powerpc.deb
 55c786dd8149dc99b80c5a8a19599a415d1bc6ef3c7b599e0a23327441f59d88 2713280 libssl1.0.0-dbg_1.0.1f-1ubuntu9.4_powerpc.deb
 72846fefcd60c4b29e7f68ae3317d1e89037983e638d030aef8975d1571f19be 20675 openssl_1.0.1f-1ubuntu9.4_powerpc_translations.tar.gz
Files:
 009cbe064f68789e03d09337f7129014 466682 utils optional openssl_1.0.1f-1ubuntu9.4_powerpc.deb
 0d7fcce15f6e50705374ab893d55764a 696174 libs important libssl1.0.0_1.0.1f-1ubuntu9.4_powerpc.deb
 780d6cf83e527ceb202c2577dd163b99 506574 debian-installer optional libcrypto1.0.0-udeb_1.0.1f-1ubuntu9.4_powerpc.udeb
 3860d3de3577fa45ae11ca283507e9c6 106206 debian-installer optional libssl1.0.0-udeb_1.0.1f-1ubuntu9.4_powerpc.udeb
 186ec6fb0e31fba811bfd4c96ac83698 947094 libdevel optional libssl-dev_1.0.1f-1ubuntu9.4_powerpc.deb
 7330f092f116e4191925172b8e1a5c3b 2713280 debug extra libssl1.0.0-dbg_1.0.1f-1ubuntu9.4_powerpc.deb
 c7a626d1dd5f1a1bc6154be605ac6e37 20675 raw-translations - openssl_1.0.1f-1ubuntu9.4_powerpc_translations.tar.gz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
Package-Type: udeb