Format: 1.7 Date: Thu, 26 Mar 2009 14:12:48 -0500 Source: openssl Binary: openssl openssl-doc libssl0.9.8 libcrypto0.9.8-udeb libssl-dev libssl0.9.8-dbg Architecture: i386_translations i386 all Version: 0.9.8g-4ubuntu3.5 Distribution: hardy Urgency: low Maintainer: Ubuntu/i386 Build Daemon Changed-By: Jamie Strandboge Description: libcrypto0.9.8-udeb - crypto shared library - udeb (udeb) libssl-dev - SSL development libraries, header files and documentation libssl0.9.8 - SSL shared libraries libssl0.9.8-dbg - Symbol tables for libssl and libcrypto openssl - Secure Socket Layer (SSL) binary and related cryptographic tools openssl-doc - Secure Socket Layer (SSL) documentation Changes: openssl (0.9.8g-4ubuntu3.5) hardy-security; urgency=low . * SECURITY UPDATE: crash via invalid memory access when printing BMPString or UniversalString with invalid length - crypto/asn1/tasn_dec.c, crypto/asn1/asn1_err.c and crypto/asn1/asn1.h: return error if invalid length - CVE-2009-0590 - http://www.openssl.org/news/secadv_20090325.txt - patch from upstream CVS: crypto/asn1/asn1.h:1.128.2.11->1.128.2.12 crypto/asn1/asn1_err.c:1.54.2.4->1.54.2.5 crypto/asn1/tasn_dec.c:1.26.2.10->1.26.2.11 Files: 8285bd2e9e3614c9085ce4257aa3b12b 17234 raw-translations - openssl_0.9.8g-4ubuntu3.5_i386_translations.tar.gz 5af0e4c39cd52ceaafcd0a5125103902 385420 utils optional openssl_0.9.8g-4ubuntu3.5_i386.deb 61961a28b3d0c10f62ca97a57c6adaa5 629072 doc optional openssl-doc_0.9.8g-4ubuntu3.5_all.deb eaa05f870fa2f9c57d7176f4e91a1b4a 2829630 libs important libssl0.9.8_0.9.8g-4ubuntu3.5_i386.deb 51cac50604334163982c6e1397895c1b 564938 debian-installer optional libcrypto0.9.8-udeb_0.9.8g-4ubuntu3.5_i386.udeb b3526c8ac54dc67d6daf630d67c40a47 1942008 libdevel optional libssl-dev_0.9.8g-4ubuntu3.5_i386.deb 2461b9fed14a6199aa7d4bd6b7b9a652 5341906 libdevel extra libssl0.9.8-dbg_0.9.8g-4ubuntu3.5_i386.deb Original-Maintainer: Debian OpenSSL Team Package-Type: udeb