[ubuntu/bionic-proposed] openssl 1.0.2g-1ubuntu15 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Thu Dec 7 20:12:14 UTC 2017


openssl (1.0.2g-1ubuntu15) bionic; urgency=medium

  * SECURITY UPDATE: Read/write after SSL object in error state
    - debian/patches/CVE-2017-3737-pre.patch: add test/ssltestlib.*,
      add to test/Makefile.
    - debian/patches/CVE-2017-3737-1.patch: don't allow read/write after
      fatal error in ssl/ssl.h.
    - debian/patches/CVE-2017-3737-2.patch: add test to ssl/Makefile,
      ssl/fatalerrtest.c, test/Makefile.
    - CVE-2017-3737
  * SECURITY UPDATE: rsaz_1024_mul_avx2 overflow bug on x86_64
    - debian/patches/CVE-2017-3738.patch: fix digit correction bug in
      crypto/bn/asm/rsaz-avx2.pl.
    - CVE-2017-3738

Date: Thu, 07 Dec 2017 13:13:10 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu15
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 07 Dec 2017 13:13:10 -0500
Source: openssl
Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl1.0-dev libssl-doc libssl1.0.0-dbg
Architecture: source
Version: 1.0.2g-1ubuntu15
Distribution: bionic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 libcrypto1.0.0-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl-doc - Secure Sockets Layer toolkit - development documentation
 libssl1.0-dev - Secure Sockets Layer toolkit - metapackage
 libssl1.0.0 - Secure Sockets Layer toolkit - shared libraries
 libssl1.0.0-dbg - Secure Sockets Layer toolkit - debug information
 libssl1.0.0-udeb - ssl shared library - udeb (udeb)
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
Changes:
 openssl (1.0.2g-1ubuntu15) bionic; urgency=medium
 .
   * SECURITY UPDATE: Read/write after SSL object in error state
     - debian/patches/CVE-2017-3737-pre.patch: add test/ssltestlib.*,
       add to test/Makefile.
     - debian/patches/CVE-2017-3737-1.patch: don't allow read/write after
       fatal error in ssl/ssl.h.
     - debian/patches/CVE-2017-3737-2.patch: add test to ssl/Makefile,
       ssl/fatalerrtest.c, test/Makefile.
     - CVE-2017-3737
   * SECURITY UPDATE: rsaz_1024_mul_avx2 overflow bug on x86_64
     - debian/patches/CVE-2017-3738.patch: fix digit correction bug in
       crypto/bn/asm/rsaz-avx2.pl.
     - CVE-2017-3738
Checksums-Sha1:
 6c516fe6a8446c71d379c5c35dbacfbae8c98d89 2492 openssl_1.0.2g-1ubuntu15.dsc
 cd554caa37d3836c7e8fe8a2bef831a01ef482ee 120564 openssl_1.0.2g-1ubuntu15.debian.tar.xz
 71109030814f0e6a31bd15a3abc5ab613ff95f15 5706 openssl_1.0.2g-1ubuntu15_source.buildinfo
Checksums-Sha256:
 fdb7afae56fc988d125e110a537bc0e113c6dc52f8a1169eefcdf513a32844fa 2492 openssl_1.0.2g-1ubuntu15.dsc
 0c2250840b422ab6cc91772def4bb87d8fceebea1e19cd3c6278c17479ef4613 120564 openssl_1.0.2g-1ubuntu15.debian.tar.xz
 8fbdf9d96c6f5435d5962383e9b5c17cab0f11edc4656032f4220c88d17367fa 5706 openssl_1.0.2g-1ubuntu15_source.buildinfo
Files:
 fb069c0827405c081436df27e462e228 2492 utils optional openssl_1.0.2g-1ubuntu15.dsc
 24b47a8f644bd4a57b8f9e0f04405399 120564 utils optional openssl_1.0.2g-1ubuntu15.debian.tar.xz
 bd91c4074165d4aca008d873850278fd 5706 utils optional openssl_1.0.2g-1ubuntu15_source.buildinfo
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----

