Format: 1.8 Date: Wed, 08 Feb 2012 16:06:24 -0800 Source: openssl Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg Architecture: amd64 amd64_translations Version: 1.0.0e-2ubuntu4.2 Distribution: oneiric Urgency: low Maintainer: Ubuntu/amd64 Build Daemon Changed-By: Steve Beattie Description: libcrypto1.0.0-udeb - crypto shared library - udeb (udeb) libssl-dev - SSL development libraries, header files and documentation libssl-doc - SSL development documentation documentation libssl1.0.0 - SSL shared libraries libssl1.0.0-dbg - Symbol tables for libssl and libcrypto libssl1.0.0-udeb - ssl shared library - udeb (udeb) openssl - Secure Socket Layer (SSL) binary and related cryptographic tools Changes: openssl (1.0.0e-2ubuntu4.2) oneiric-security; urgency=low . * SECURITY UPDATE: DTLS plaintext recovery attack - debian/patches/CVE-2011-4108.patch: perform all computations before discarding messages - CVE-2011-4108 * SECURITY UPDATE: SSL 3.0 block padding exposure - debian/patches/CVE-2011-4576.patch: clear bytes used for block padding of SSL 3.0 records. - CVE-2011-4576 * SECURITY UPDATE: malformed RFC 3779 data denial of service attack - debian/patches/CVE-2011-4577.patch: prevent malformed RFC3779 data from triggering an assertion failure - CVE-2011-4577 * SECURITY UPDATE: Server Gated Cryptography (SGC) denial of service - debian/patches/CVE-2011-4619.patch: Only allow one SGC handshake restart for SSL/TLS. - CVE-2011-4619 * SECURITY UPDATE: GOST block cipher denial of service - debian/patches/CVE-2012-0027.patch: check GOST parameters are not NULL - CVE-2012-0027 * SECURITY UPDATE: fix for CVE-2011-4108 denial of service attack - debian/patches/CVE-2012-0050.patch: improve handling of DTLS MAC - CVE-2012-0050 Checksums-Sha1: 8da33e87e742c4b8bd3c62f40adee791b23937ad 516402 openssl_1.0.0e-2ubuntu4.2_amd64.deb 07b45d624f38c0aafde61d85f28c50c5daf8e788 959158 libssl1.0.0_1.0.0e-2ubuntu4.2_amd64.deb bd235b4d7c88d0c0841fe91666c09326277a1e3b 694292 libcrypto1.0.0-udeb_1.0.0e-2ubuntu4.2_amd64.udeb 5cae628f297ac7b907083b7e97e6563d1ff41e31 134972 libssl1.0.0-udeb_1.0.0e-2ubuntu4.2_amd64.udeb 8891e23a4cf07e4f3a47250de650f2fa0dda40fe 1472010 libssl-dev_1.0.0e-2ubuntu4.2_amd64.deb 10174d9646796a705f8652cf45e9dd924be11865 2042644 libssl1.0.0-dbg_1.0.0e-2ubuntu4.2_amd64.deb 87fec86d81f6559c22b044624d218b64a675270e 19165 openssl_1.0.0e-2ubuntu4.2_amd64_translations.tar.gz Checksums-Sha256: 98c6329f48fe52cec0230b41feef830b16a45d6808e36fed89cb93747e7ff42f 516402 openssl_1.0.0e-2ubuntu4.2_amd64.deb f3f44867ea9b0bc65ed58f9062e117793af262f321168af4e9b7328a5027470b 959158 libssl1.0.0_1.0.0e-2ubuntu4.2_amd64.deb adb70f7b267fe7f98b430e39912e66f43b148ed62ab3031f9000b7271cdd5925 694292 libcrypto1.0.0-udeb_1.0.0e-2ubuntu4.2_amd64.udeb 01b09667787257ed8c17c3c6edaa7e6b9b5786a61c8379ecf9cec5cea30fd99a 134972 libssl1.0.0-udeb_1.0.0e-2ubuntu4.2_amd64.udeb ad154bdbbac07631f04352e6e798eb696a3da08971f7a052d8a71086290a024f 1472010 libssl-dev_1.0.0e-2ubuntu4.2_amd64.deb 709b9ffed9b3fd4ac4c4e0a4b58d53d72d954dc1ec57a29b31556f554943ad4e 2042644 libssl1.0.0-dbg_1.0.0e-2ubuntu4.2_amd64.deb 9c5a49c215d2721e93e9d27d61dbfad1be83eefd70b25756a515253f0becd34c 19165 openssl_1.0.0e-2ubuntu4.2_amd64_translations.tar.gz Files: 2fb6d9ef5a532205b18a962d546a7124 516402 utils optional openssl_1.0.0e-2ubuntu4.2_amd64.deb 2309f3ba2d8b7bbf09bf646e4090b3e7 959158 libs important libssl1.0.0_1.0.0e-2ubuntu4.2_amd64.deb 62b09c9ff6c6a0022fe66f4d4d4d126f 694292 debian-installer optional libcrypto1.0.0-udeb_1.0.0e-2ubuntu4.2_amd64.udeb 53432593f1bd1906a44cff08f8f062c7 134972 debian-installer optional libssl1.0.0-udeb_1.0.0e-2ubuntu4.2_amd64.udeb 9db7be9bb74c19db8b546cb65f1e686f 1472010 libdevel optional libssl-dev_1.0.0e-2ubuntu4.2_amd64.deb 809bab15b2099e9c79a6885f607047fb 2042644 debug extra libssl1.0.0-dbg_1.0.0e-2ubuntu4.2_amd64.deb 1ee9d156af07b8f9bd5e333b1862d1a3 19165 raw-translations - openssl_1.0.0e-2ubuntu4.2_amd64_translations.tar.gz Original-Maintainer: Debian OpenSSL Team Package-Type: udeb