[ubuntu/yakkety-proposed] openssl 1.0.2g-1ubuntu5 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Mon Jun 27 12:33:15 UTC 2016
openssl (1.0.2g-1ubuntu5) yakkety; urgency=medium

  * SECURITY UPDATE: EVP_EncodeUpdate overflow
    - debian/patches/CVE-2016-2105.patch: properly check lengths in
      crypto/evp/encode.c, add documentation to
      doc/crypto/EVP_EncodeInit.pod, doc/crypto/evp.pod.
    - CVE-2016-2105
  * SECURITY UPDATE: EVP_EncryptUpdate overflow
    - debian/patches/CVE-2016-2106.patch: fix overflow in
      crypto/evp/evp_enc.c.
    - CVE-2016-2106
  * SECURITY UPDATE: Padding oracle in AES-NI CBC MAC check
    - debian/patches/CVE-2016-2107.patch: check that there are enough
      padding characters in crypto/evp/e_aes_cbc_hmac_sha1.c,
      crypto/evp/e_aes_cbc_hmac_sha256.c.
    - CVE-2016-2107
  * SECURITY UPDATE: Memory corruption in the ASN.1 encoder
    - debian/patches/CVE-2016-2108.patch: fix ASN1_INTEGER handling in
      crypto/asn1/a_type.c, crypto/asn1/asn1.h, crypto/asn1/tasn_dec.c,
      crypto/asn1/tasn_enc.c.
    - CVE-2016-2108
  * SECURITY UPDATE: ASN.1 BIO excessive memory allocation
    - debian/patches/CVE-2016-2109.patch: properly handle large amounts of
      data in crypto/asn1/a_d2i_fp.c.
    - CVE-2016-2109

Date: Thu, 23 Jun 2016 08:33:31 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu5
-------------- next part --------------
Format: 1.8
Date: Thu, 23 Jun 2016 08:33:31 -0400
Source: openssl
Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg
Architecture: source
Version: 1.0.2g-1ubuntu5
Distribution: yakkety
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 libcrypto1.0.0-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl-doc - Secure Sockets Layer toolkit - development documentation
 libssl1.0.0 - Secure Sockets Layer toolkit - shared libraries
 libssl1.0.0-dbg - Secure Sockets Layer toolkit - debug information
 libssl1.0.0-udeb - ssl shared library - udeb (udeb)
 openssl - Secure Sockets Layer toolkit - cryptographic utility
Checksums-Sha1:
31e6c92825dfe4def12cf5992ea7435b68d86973 2427 openssl_1.0.2g-1ubuntu5.dsc
0f7afa719de2dc3a46ce8f26a683249f16d9b669 190436 openssl_1.0.2g-1ubuntu5.debian.tar.xz
Checksums-Sha256:
de63ea694bcf288dd9546b4fea584f3a19398af3d72f64036d4d4cded797572f 2427 openssl_1.0.2g-1ubuntu5.dsc
756c51a5b5b887d448ddcdaa527082cf705f0f24c7d01329fa1c8d3dbcbd3fb5 190436 openssl_1.0.2g-1ubuntu5.debian.tar.xz
Files:
1be49036e21cd3df562ebadf03656ca4 2427 utils optional openssl_1.0.2g-1ubuntu5.dsc
3b45db4eca83f6dbe437272538362fa5 190436 utils optional openssl_1.0.2g-1ubuntu5.debian.tar.xz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel at lists.alioth.debian.org>