Accepted openssl 0.9.8c-4ubuntu0.1 (source)

Ubuntu Installer archive at ubuntu.com
Sat Sep 29 00:55:41 BST 2007


Accepted:
 OK: openssl_0.9.8c.orig.tar.gz
 OK: openssl_0.9.8c-4ubuntu0.1.diff.gz
 OK: openssl_0.9.8c-4ubuntu0.1.dsc
     -> Component: main Section: utils

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri, 28 Sep 2007 13:02:19 -0700
Source: openssl
Binary: libssl-dev openssl libssl0.9.8-dbg libcrypto0.9.8-udeb libssl0.9.8
Architecture: source
Version: 0.9.8c-4ubuntu0.1
Distribution: feisty-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Kees Cook <kees at ubuntu.com>
Description: 
 libcrypto0.9.8-udeb - crypto shared library - udeb
 libssl-dev - SSL development libraries, header files and documentation
 libssl0.9.8 - SSL shared libraries
 libssl0.9.8-dbg - Symbol tables for libssl and libcrypt
 openssl    - Secure Socket Layer (SSL) binary and related cryptographic tools
Launchpad-Bugs-Fixed: 146269
Changes: 
 openssl (0.9.8c-4ubuntu0.1) feisty-security; urgency=low
 .
   [ Jamie Strandboge ]
   * SECURITY UPDATE: off-by-one error in SSL_get_shared_ciphers() results in
     buffer overflow
   * ssl/ssl_lib.c: applied upstream patch from openssl CVS thanks to
     Stephan Hermann
   * References:
     CVE-2007-5135
     http://www.securityfocus.com/archive/1/archive/1/480855/100/0/threaded
     Fixes LP: #146269
   * Modify Maintainer value to match the DebianMaintainerField
     specification.
 .
   [ Kees Cook ]
   * SECURITY UPDATE: side-channel attacks via BN_from_montgomery function.
   * crypto/bn/bn_mont.c: upstream patch from openssl CVS thanks to Debian.
   * References
     CVE-2007-3108
Files: 
 5f7c71575be2444fba320a4ea5347a94 899 utils optional openssl_0.9.8c-4ubuntu0.1.dsc
 1fe689e18314f75796223804cea5da8a 46065 utils optional openssl_0.9.8c-4ubuntu0.1.diff.gz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel at lists.alioth.debian.org>
Package-Type: udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFG/WnsH/9LqRcGPm0RAonhAJ4r//BROBXMPbVQ6qz+BLNTxAwdHgCfbNbr
KQvWvbd3QDgn1M04bL+CIPk=
=eV9z
-----END PGP SIGNATURE-----





More information about the feisty-changes mailing list