[Bug 675566] Re: Merge 1.0.0d-2 from debian/unstable

Launchpad Bug Tracker 675566 at bugs.launchpad.net
Mon May 2 00:10:12 UTC 2011 

This bug was fixed in the package openssl - 1.0.0d-2ubuntu1

---------------
openssl (1.0.0d-2ubuntu1) oneiric; urgency=low

  * Resynchronise with Debian (LP: #675566).  Remaining changes:
    - debian/libssl1.0.0.postinst:
      + Display a system restart required notification bubble on libssl1.0.0
        upgrade.
      + Use a different priority for libssl1.0.0/restart-services depending
        on whether a desktop, or server dist-upgrade is being performed.
    - debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
      libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
      in Debian).
    - debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
      rules}: Move runtime libraries to /lib, for the benefit of
      wpasupplicant.
    - debian/patches/aesni.patch: Backport Intel AES-NI support, now from
      http://rt.openssl.org/Ticket/Display.html?id=2065 rather than the
      0.9.8 variant.
    - debian/patches/Bsymbolic-functions.patch: Link using
      -Bsymbolic-functions.
    - debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
      .pc.
    - debian/rules:
      + Don't run 'make test' when cross-building.
      + Use host compiler when cross-building.  Patch from Neil Williams.
      + Don't build for processors no longer supported: i486, i586 (on
        i386), v8 (on sparc).
      + Fix Makefile to properly clean up libs/ dirs in clean target.
      + Replace duplicate files in the doc directory with symlinks.
  * Update architectures affected by Bsymbolic-functions.patch.
  * Drop debian/patches/no-sslv2.patch; Debian now adds the 'no-ssl2'
    configure option, which compiles out SSLv2 support entirely, so this is
    no longer needed.
  * Drop openssl-doc in favour of the libssl-doc package introduced by
    Debian.  Add Conflicts/Replaces until the next LTS release.

openssl (1.0.0d-2) unstable; urgency=high

  * Make c_rehash also generate the old subject hash.  Gnutls applications
    seem to require it.  (Closes: #611102)

openssl (1.0.0d-1) unstable; urgency=low

  * New upstream version
    - Fixes CVE-2011-0014
  * Make libssl-doc Replaces/Breaks with old libssl-dev packages
    (Closes: #607609)
  * Only export the symbols we should, instead of all.
  * Add symbol file.
  * Upload to unstable

openssl (1.0.0c-2) experimental; urgency=low

  * Set $ in front of {sparcv9_asm} so that the sparc v9 variant builds.
  * Always define _GNU_SOURCE, not only for Linux.
  * Drop SSL2 support (Closes: #589706)

openssl (1.0.0c-1) experimental; urgency=low

  * New upstream version (Closes: #578376)
    - New soname: Rename library packages
    - Drop patch perl-path.diff, not needed anymore
    - Drop patches CVE-2010-2939.patch, CVE-2010-3864.patch
      and CVE-2010-4180.patch: applied upstream.
    - Update Configure for the new fields for the assembler options
      per arch.  alpha now makes use of assembler.
  * Move man3 manpages and demos to libssl-doc (Closes: #470594)
  * Drop .pod files from openssl package (Closes: #518167)
  * Don't use RC4_CHAR on amd64 and drop rc4-amd64.patch
  * Stop using BF_PTR2 on (kfreebd-)amd64.
  * Drop debian-arm from the list of arches.
  * Update arm arches to use BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL
    BF_PTR instead of BN_LLONG DES_RISC1
  * ia64: Drop RC4_CHAR, add DES_UNROLL DES_INT
  * powerpc: Use RC4_CHAR RC4_CHUNK DES_RISC1 instead
    of DES_RISC2 DES_PTR MD2_CHAR RC4_INDEX
  * s390: Use RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL instead of BN_LLONG
 -- Colin Watson <cjwatson at ubuntu.com>   Sun, 01 May 2011 23:51:53 +0100

** Changed in: openssl (Ubuntu)
       Status: Confirmed => Fix Released

** Bug watch added: OpenSSL RT #2065
   http://rt.openssl.org/Ticket/Display.html?id=2065

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-2939

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3864

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4180

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-0014

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is a direct subscriber.
https://bugs.launchpad.net/bugs/675566

Title:
  Merge 1.0.0d-2 from debian/unstable

Status in “openssl” package in Ubuntu:
  Fix Released
Status in “openssl” package in Debian:
  Fix Released

Bug description:
  Binary package hint: openssl

  Natty still have 0.9.8o

  the latest is 1.0.0a with lot of bug and security fixes. Please update
  this package.

  01-Jun-2010:       OpenSSL 1.0.0a is now available, including
  important bug and security fixes

  http://www.openssl.org/

  ProblemType: Bug
  DistroRelease: Ubuntu 11.04
  Package: openssl 0.9.8o-1ubuntu4.1
  ProcVersionSignature: Ubuntu 2.6.37-3.11-generic-pae 2.6.37-rc1
  Uname: Linux 2.6.37-3-generic-pae i686
  NonfreeKernelModules: nvidia
  Architecture: i386
  Date: Mon Nov 15 15:46:52 2010
  ProcEnviron:
   LANG=fr_FR.utf8
   SHELL=/bin/bash
  SourcePackage: openssl

More information about the Ubuntu-sponsors mailing list