Format: 1.8 Date: Tue, 31 Jan 2012 01:41:34 -0800 Source: openssl Binary: openssl openssl-doc libssl0.9.8 libcrypto0.9.8-udeb libssl0.9.8-udeb libssl-dev libssl0.9.8-dbg Architecture: sparc sparc_translations Version: 0.9.8k-7ubuntu8.8 Distribution: lucid Urgency: low Maintainer: Ubuntu/sparc Build Daemon Changed-By: Steve Beattie Description: libcrypto0.9.8-udeb - crypto shared library - udeb (udeb) libssl-dev - SSL development libraries, header files and documentation libssl0.9.8 - SSL shared libraries libssl0.9.8-dbg - Symbol tables for libssl and libcrypto libssl0.9.8-udeb - ssl shared library - udeb (udeb) openssl - Secure Socket Layer (SSL) binary and related cryptographic tools openssl-doc - Secure Socket Layer (SSL) documentation Launchpad-Bugs-Fixed: 244250 Changes: openssl (0.9.8k-7ubuntu8.8) lucid-security; urgency=low . * SECURITY UPDATE: ECDSA private key timing attack - debian/patches/CVE-2011-1945.patch: compute with fixed scalar length - CVE-2011-1945 * SECURITY UPDATE: ECDH ciphersuite denial of service - debian/patches/CVE-2011-3210.patch: fix memory usage for thread safety - CVE-2011-3210 * SECURITY UPDATE: DTLS plaintext recovery attack - debian/patches/CVE-2011-4108.patch: perform all computations before discarding messages - CVE-2011-4108 * SECURITY UPDATE: policy check double free vulnerability - debian/patches/CVE-2011-4019.patch: only free domain policyin one location - CVE-2011-4019 * SECURITY UPDATE: SSL 3.0 block padding exposure - debian/patches/CVE-2011-4576.patch: clear bytes used for block padding of SSL 3.0 records. - CVE-2011-4576 * SECURITY UPDATE: malformed RFC 3779 data denial of service attack - debian/patches/CVE-2011-4577.patch: prevent malformed RFC3779 data from triggering an assertion failure - CVE-2011-4577 * SECURITY UPDATE: Server Gated Cryptography (SGC) denial of service - debian/patches/CVE-2011-4619.patch: Only allow one SGC handshake restart for SSL/TLS. - CVE-2011-4619 * SECURITY UPDATE: fix for CVE-2011-4108 denial of service attack - debian/patches/CVE-2012-0050.patch: improve handling of DTLS MAC - CVE-2012-0050 * debian/patches/openssl-fix_ECDSA_tests.patch: fix ECDSA tests * debian/libssl0.9.8.postinst: Only issue the reboot notification for servers by testing that the X server is not running (LP: #244250) Checksums-Sha1: 0fccd7511d92b3fea30abfddf0880ae5a78603cb 419348 openssl_0.9.8k-7ubuntu8.8_sparc.deb 849188b83cf810f99960e7f3baf73d867100f98a 2355158 libssl0.9.8_0.9.8k-7ubuntu8.8_sparc.deb 0c0ac456cc827574d51c2298fab7dd40785aaca2 597940 libcrypto0.9.8-udeb_0.9.8k-7ubuntu8.8_sparc.udeb 1a0663a9c0cfe253adba6cad23347601fd2d5898 126032 libssl0.9.8-udeb_0.9.8k-7ubuntu8.8_sparc.udeb 4c696ea8bac42e9254dbabf2479b6ac6a5dc7e07 2066020 libssl-dev_0.9.8k-7ubuntu8.8_sparc.deb 3310eb1a904db9695d4f42e31b3e00c7568254e9 4095166 libssl0.9.8-dbg_0.9.8k-7ubuntu8.8_sparc.deb c3b52e6e926d6c7e3ec5118da1345d28f676b0fd 18767 openssl_0.9.8k-7ubuntu8.8_sparc_translations.tar.gz Checksums-Sha256: 03ac5cf81ec6c3d0c7a2efda7583a31cdffa4cc54bc249f1b6ad3df990f25bc8 419348 openssl_0.9.8k-7ubuntu8.8_sparc.deb 467ba7aa1773407c9ebe09ace41b3cb6a54925fab1f746bf116380187ee4bc7d 2355158 libssl0.9.8_0.9.8k-7ubuntu8.8_sparc.deb 8d57153160ae173e395376ae35b5c21a9e4dd0f11e73073f1fc4e590da22c3a9 597940 libcrypto0.9.8-udeb_0.9.8k-7ubuntu8.8_sparc.udeb 4b6b2f424d6dd6c5e0424a46e32ff9486901d85995c91d4da34e73a1ac97ce0a 126032 libssl0.9.8-udeb_0.9.8k-7ubuntu8.8_sparc.udeb ae66f383f133490456d71dd48a2b4646e5955da7b657e09013579eb7c5a7f382 2066020 libssl-dev_0.9.8k-7ubuntu8.8_sparc.deb 4c912315533949d5ec9d99a2a089b1eaaa1ed252ff9fb06827bd71737a79c905 4095166 libssl0.9.8-dbg_0.9.8k-7ubuntu8.8_sparc.deb 3285f7995c55bcff4e8566bac4cbd820ce39132931bfd2c3c3f1ba8b35e45d46 18767 openssl_0.9.8k-7ubuntu8.8_sparc_translations.tar.gz Files: e793bbedafd21bca2188fb299d0696b3 419348 utils optional openssl_0.9.8k-7ubuntu8.8_sparc.deb d5c4bc5d5119faad4601511567e6e2bc 2355158 libs important libssl0.9.8_0.9.8k-7ubuntu8.8_sparc.deb dce6ecfb1440cb8314387c51eddb9d2e 597940 debian-installer optional libcrypto0.9.8-udeb_0.9.8k-7ubuntu8.8_sparc.udeb f2a0f566b5c6a5afd49a8852622c96ca 126032 debian-installer optional libssl0.9.8-udeb_0.9.8k-7ubuntu8.8_sparc.udeb 3e4fedc44a6abd9a48dc412b2931d777 2066020 libdevel optional libssl-dev_0.9.8k-7ubuntu8.8_sparc.deb 44a094a35779c7ebcff1c596ceb70ce0 4095166 debug extra libssl0.9.8-dbg_0.9.8k-7ubuntu8.8_sparc.deb 51ad761873e47283f476a4fc8a8b75e1 18767 raw-translations - openssl_0.9.8k-7ubuntu8.8_sparc_translations.tar.gz Original-Maintainer: Debian OpenSSL Team Package-Type: udeb