Format: 1.7
Date: Tue, 08 Sep 2009 15:05:08 -0400
Source: openssl
Binary: openssl openssl-doc libssl0.9.8 libcrypto0.9.8-udeb libssl-dev libssl0.9.8-dbg
Architecture: i386_translations i386 all
Version: 0.9.8g-4ubuntu3.8
Distribution: hardy
Urgency: low
Maintainer: Ubuntu/i386 Build Daemon <buildd@rothera.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 libcrypto0.9.8-udeb - crypto shared library - udeb (udeb)
 libssl-dev - SSL development libraries, header files and documentation
 libssl0.9.8 - SSL shared libraries
 libssl0.9.8-dbg - Symbol tables for libssl and libcrypto
 openssl    - Secure Socket Layer (SSL) binary and related cryptographic tools
 openssl-doc - Secure Socket Layer (SSL) documentation
Changes: 
 openssl (0.9.8g-4ubuntu3.8) hardy-security; urgency=low
 .
   * SECURITY UPDATE: certificate spoofing via hash collisions from MD2
     design flaws.
     - crypto/evp/c_alld.c, ssl/ssl_algs.c: disable MD2 digest.
     - crypto/x509/x509_vfy.c: skip signature check for self signed
       certificates
     - http://marc.info/?l=openssl-cvs&m=124508133203041&w=2
     - http://marc.info/?l=openssl-cvs&m=124704528713852&w=2
     - CVE-2009-2409
Files: 
 a58642159e35f235b4459fc6cfcef3a8 17359 raw-translations - openssl_0.9.8g-4ubuntu3.8_i386_translations.tar.gz
 0d671d667d868f22dd10c560290d2106 385408 utils optional openssl_0.9.8g-4ubuntu3.8_i386.deb
 8fdc505dde9a6d476d9bdbea59fd3e5f 629734 doc optional openssl-doc_0.9.8g-4ubuntu3.8_all.deb
 78cb33072ba0909ead679099ab7de29f 2830656 libs important libssl0.9.8_0.9.8g-4ubuntu3.8_i386.deb
 37f37ff9195a4f144d0e88d375a5caa7 564904 debian-installer optional libcrypto0.9.8-udeb_0.9.8g-4ubuntu3.8_i386.udeb
 d90ca0f639e0a3ef80c5748dea13627f 1942254 libdevel optional libssl-dev_0.9.8g-4ubuntu3.8_i386.deb
 178c4e1b9a1394184d90bfae4f132abb 5343994 libdevel extra libssl0.9.8-dbg_0.9.8g-4ubuntu3.8_i386.deb
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
Package-Type: udeb