Accepted: openssl 0.9.8g-10.1ubuntu1 (source)

Luke Yelavich luke.yelavich at canonical.com
Tue Jun 10 03:20:13 BST 2008 

Accepted:
 OK: openssl_0.9.8g.orig.tar.gz
 OK: openssl_0.9.8g-10.1ubuntu1.diff.gz
 OK: openssl_0.9.8g-10.1ubuntu1.dsc
     -> Component: main Section: utils

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 10 Jun 2008 11:50:07 +1000
Source: openssl
Binary: openssl openssl-doc libssl0.9.8 libcrypto0.9.8-udeb libssl-dev libssl0.9.8-dbg
Architecture: source
Version: 0.9.8g-10.1ubuntu1
Distribution: intrepid
Urgency: high
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Luke Yelavich <luke.yelavich at canonical.com>
Description: 
 libcrypto0.9.8-udeb - crypto shared library - udeb
 libssl-dev - SSL development libraries, header files and documentation
 libssl0.9.8 - SSL shared libraries
 libssl0.9.8-dbg - Symbol tables for libssl and libcrypto
 openssl    - Secure Socket Layer (SSL) binary and related cryptographic tools
 openssl-doc - Secure Socket Layer (SSL) documentation
Closes: 483379 483379
Changes: 
 openssl (0.9.8g-10.1ubuntu1) intrepid; urgency=low
 .
   * Merge from debian unstable, remaining changes:
     - Use a different priority for libssl0.9.8/restart-services depending on whether
       a desktop, or server dist-upgrade is being performed.
     - Display a system restart required notification bubble on libssl0.9.8 upgrade.
     - Ship documentation in new openssl-doc package.
     - Configure: Add support for lpia.
     - Replace duplicate files in the doc directory with symlinks.
     - Link using -Bsymbolic-functions.
     - Update maintainer as per spec.
 .
 openssl (0.9.8g-10.1) unstable; urgency=high
 .
   * Non-maintainer upload by the Security team.
   * Fix denial of service if the 'Server Key exchange message'
     is omitted from a TLS handshake which could lead to a client
     crash (CVE-2008-1672; Closes: #483379).
     This only works if openssl is compiled with enable-tlsext which is
     done in Debian.
   * Fix double free in TLS server name extension which leads to a remote
     denial of service (CVE-2008-0891; Closes: #483379).
Files: 
 0da08d3170f3494c8fcf1bc361826999 914 utils optional openssl_0.9.8g-10.1ubuntu1.dsc
 06adbc42549bcfce6cd96a948b7eb96b 54025 utils optional openssl_0.9.8g-10.1ubuntu1.diff.gz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFITd4LjVefwtBjIM4RAtazAJ9YnnI3HfSrP3eH3kIR8MtmPwvLGgCeJotT
6HpY3ZD/KF4V1bAxZ39edM0=
=g6rf
-----END PGP SIGNATURE-----

More information about the Intrepid-changes mailing list