Format: 1.8
Date: Thu, 11 Jun 2015 07:12:10 -0400
Source: openssl
Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg
Architecture: arm64 arm64_translations
Version: 1.0.1f-1ubuntu9.8
Distribution: utopic
Urgency: medium
Maintainer: Ubuntu Build Daemon <buildd@templar.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 libcrypto1.0.0-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl-doc - Secure Sockets Layer toolkit - development documentation
 libssl1.0.0 - Secure Sockets Layer toolkit - shared libraries
 libssl1.0.0-dbg - Secure Sockets Layer toolkit - debug information
 libssl1.0.0-udeb - ssl shared library - udeb (udeb)
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
Changes:
 openssl (1.0.1f-1ubuntu9.8) utopic-security; urgency=medium
 .
   * SECURITY IMPROVEMENT: reject dh keys smaller than 768 bits
     - debian/patches/reject_small_dh.patch: reject small dh keys in
       ssl/s3_clnt.c, ssl/ssl.h, ssl/ssl_err.c, update documentation in
       doc/ssl/SSL_CTX_set_tmp_dh_callback.pod, make s_server use 2048-bit
       dh in apps/s_server.c, clarify docs in doc/apps/dhparam.pod.
   * SECURITY UPDATE: denial of service and possible code execution via
     invalid free in DTLS
     - debian/patches/CVE-2014-8176.patch: fix invalid free in ssl/d1_lib.c.
     - CVE-2014-8176
   * SECURITY UPDATE: denial of service via malformed ECParameters
     - debian/patches/CVE-2015-1788.patch: improve logic in
       crypto/bn/bn_gf2m.c.
     - CVE-2015-1788
   * SECURITY UPDATE: denial of service via out-of-bounds read in
     X509_cmp_time
     - debian/patches/CVE-2015-1789.patch: properly parse time format in
       crypto/x509/x509_vfy.c.
     - CVE-2015-1789
   * SECURITY UPDATE: denial of service via missing EnvelopedContent
     - debian/patches/CVE-2015-1790.patch: handle NULL data_body in
       crypto/pkcs7/pk7_doit.c.
     - CVE-2015-1790
   * SECURITY UPDATE: race condition in NewSessionTicket
     - debian/patches/CVE-2015-1791.patch: create a new session in
       ssl/s3_clnt.c, ssl/ssl.h, ssl/ssl_err.c, ssl/ssl_locl.h,
       ssl/ssl_sess.c.
     - debian/patches/CVE-2015-1791-2.patch: fix kerberos issue in
       ssl/ssl_sess.c.
     - debian/patches/CVE-2015-1791-3.patch: more ssl_session_dup fixes in
       ssl/ssl_sess.c.
     - CVE-2015-1791
   * SECURITY UPDATE: CMS verify infinite loop with unknown hash function
     - debian/patches/CVE-2015-1792.patch: fix infinite loop in
       crypto/cms/cms_smime.c.
     - CVE-2015-1792
Checksums-Sha1:
 acd7f993e502a8fb255d789e6b05b7c0355472b2 474940 openssl_1.0.1f-1ubuntu9.8_arm64.deb
 245eba7c5513a5ebaa114fbf886429874dc3c5ea 677232 libssl1.0.0_1.0.1f-1ubuntu9.8_arm64.deb
 28bf8fa93e1a6e03fe0d039f03083c66449bddac 490510 libcrypto1.0.0-udeb_1.0.1f-1ubuntu9.8_arm64.udeb
 51b5ec4ece4934249ea85a9096af417901b87eb3 100880 libssl1.0.0-udeb_1.0.1f-1ubuntu9.8_arm64.udeb
 28eb685d0283bf0fd5c624d6418bf53ceeaa57e7 962314 libssl-dev_1.0.1f-1ubuntu9.8_arm64.deb
 3790052911302ea7f1e1449e99e5ccd034368d87 2709198 libssl1.0.0-dbg_1.0.1f-1ubuntu9.8_arm64.deb
 979a9d6675bb2d47b81945d08ce7db28f9c5c20f 1116 openssl-dbgsym_1.0.1f-1ubuntu9.8_arm64.ddeb
 322300a554d329aa4f4ee547b8369e8cf77cb668 954 libssl1.0.0-dbgsym_1.0.1f-1ubuntu9.8_arm64.ddeb
 c5afc2134793940c9ebd5e79e48c6f5ef4d78f05 988 libcrypto1.0.0-udeb-dbgsym_1.0.1f-1ubuntu9.8_arm64.ddeb
 8753a35d04b9c709b272abcf2057b975164a7267 872 libssl1.0.0-udeb-dbgsym_1.0.1f-1ubuntu9.8_arm64.ddeb
 ba8c3dcd9ef9fb731769ce78bd70f8972a8eee3a 974 libssl-dev-dbgsym_1.0.1f-1ubuntu9.8_arm64.ddeb
 d334886b8ff8d75e66dfea31956e49f2d242576b 20446 openssl_1.0.1f-1ubuntu9.8_arm64_translations.tar.gz
Checksums-Sha256:
 d58bdbfa0ee8bba94054a767cbf840ea30cfdbe8aff27f7cd7da08108dd528bf 474940 openssl_1.0.1f-1ubuntu9.8_arm64.deb
 10264c0bc0234fd0f9a5bbf9778a2b77a182fd1e159eca795d9a376385b62c8b 677232 libssl1.0.0_1.0.1f-1ubuntu9.8_arm64.deb
 771d0b7073ea496073b44ad3bd89d5a3ef135ba2bada4bc119d1267f4da58fb2 490510 libcrypto1.0.0-udeb_1.0.1f-1ubuntu9.8_arm64.udeb
 44d39d2e51a0b2266944f58d7b66b697ca4327e65f1a468165822e95a026b52d 100880 libssl1.0.0-udeb_1.0.1f-1ubuntu9.8_arm64.udeb
 6f15b8a620ff2833bb0265367d561750c2ea6efb46c3a68285fad9b062a8d6e6 962314 libssl-dev_1.0.1f-1ubuntu9.8_arm64.deb
 b8d45c906cb738c44a99983a1e1d0c8e9ee8da62db8924078af0e31b37f96b18 2709198 libssl1.0.0-dbg_1.0.1f-1ubuntu9.8_arm64.deb
 e8d6776b8a00b484396548c8a4a6d8a126c02b80b26867ba3dbcfdd14c1c8cc2 1116 openssl-dbgsym_1.0.1f-1ubuntu9.8_arm64.ddeb
 d4f3d572c118dd2c094376a6c1d7b95077c6299069de27f2df6b932fdc96b2e8 954 libssl1.0.0-dbgsym_1.0.1f-1ubuntu9.8_arm64.ddeb
 78bc93508acf1729c9ccad9054aaf97f97616a6263344406aef0a224a6e257da 988 libcrypto1.0.0-udeb-dbgsym_1.0.1f-1ubuntu9.8_arm64.ddeb
 9e07e19960e0474d4882750348b1e85ed7129e8f7d138d8a81741cc16185825d 872 libssl1.0.0-udeb-dbgsym_1.0.1f-1ubuntu9.8_arm64.ddeb
 0148c4a2a7b81cb60043c6f864af68acc0a054b02f98288a17f4abe9ecf381a1 974 libssl-dev-dbgsym_1.0.1f-1ubuntu9.8_arm64.ddeb
 cce20731f042d52ab713615220ce047a749251e79c6d35fe35b798898f67e01b 20446 openssl_1.0.1f-1ubuntu9.8_arm64_translations.tar.gz
Files:
 7ea586742511efe66c26f28f1b854382 474940 utils optional openssl_1.0.1f-1ubuntu9.8_arm64.deb
 74d56d6c40e81419879938838a28741f 677232 libs important libssl1.0.0_1.0.1f-1ubuntu9.8_arm64.deb
 bb2d6fe99b4fd872999b8368c3d89418 490510 debian-installer optional libcrypto1.0.0-udeb_1.0.1f-1ubuntu9.8_arm64.udeb
 95ae08ad6a83b79203f2583319ecca83 100880 debian-installer optional libssl1.0.0-udeb_1.0.1f-1ubuntu9.8_arm64.udeb
 564c7b5d7eff69410f9af4b657f782b7 962314 libdevel optional libssl-dev_1.0.1f-1ubuntu9.8_arm64.deb
 0ba87a78fcd70d17b5c25a5327a6b7c4 2709198 debug extra libssl1.0.0-dbg_1.0.1f-1ubuntu9.8_arm64.deb
 fa5c070c731b1ca2662ca2453a960614 1116 utils extra openssl-dbgsym_1.0.1f-1ubuntu9.8_arm64.ddeb
 908dc04f96d202db680190b5f11be027 954 libs extra libssl1.0.0-dbgsym_1.0.1f-1ubuntu9.8_arm64.ddeb
 5ee43e793c79aea6b6c97654eeca7d17 988 debian-installer extra libcrypto1.0.0-udeb-dbgsym_1.0.1f-1ubuntu9.8_arm64.ddeb
 e91497946222fcb7476affe56f8309d5 872 debian-installer extra libssl1.0.0-udeb-dbgsym_1.0.1f-1ubuntu9.8_arm64.ddeb
 4a68cc745fb3d4cb48711e6284c92b7f 974 libdevel extra libssl-dev-dbgsym_1.0.1f-1ubuntu9.8_arm64.ddeb
 7f40676d556ceaf0ea7e49b7da457669 20446 raw-translations - openssl_1.0.1f-1ubuntu9.8_arm64_translations.tar.gz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
Package-Type: udeb