[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted openssl 0.9.8o-3~bpo50+1 (source i386)

Hash: SHA1

Format: 1.8
Date: Tue, 07 Dec 2010 03:22:47 +0000
Source: openssl
Binary: openssl libssl0.9.8 libcrypto0.9.8-udeb libssl-dev libssl0.9.8-dbg
Architecture: source i386
Version: 0.9.8o-3~bpo50+1
Distribution: lenny-backports
Urgency: high
Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
Changed-By: Andres Salomon <dilinger@debian.org>
 libcrypto0.9.8-udeb - crypto shared library - udeb (udeb)
 libssl-dev - SSL development libraries, header files and documentation
 libssl0.9.8 - SSL shared libraries
 libssl0.9.8-dbg - Symbol tables for libssl and libcrypto
 openssl    - Secure Socket Layer (SSL) binary and related cryptographic tools
Closes: 522002 528648 530400 530459 532037 532336 532336 539899 541735 555829 560240 570702 571810 571940 579805 592154 594415 596166 596881 599459 601536 603693 603709
 openssl (0.9.8o-3~bpo50+1) lenny-backports; urgency=low
   * Rebuild for lenny-backports.
   * Add myself as an uploader.
 openssl (0.9.8o-3) unstable; urgency=high
   * Fix TLS extension parsing race condition (CVE-2010-3864) (Closes: #603709)
   * Re-add the engines.  They were missing since 0.9.8m-1.
     Patch by Joerg Schneider. (Closes: #603693)
   * Not all architectures were build using -g (Closes: #570702)
   * Add powerpcspe support (Closes: #579805)
   * Add armhf support (Closes: #596881)
   * Update translations:
     - Brazilian Portuguese (Closes: #592154)
     - Danish (Closes: #599459)
     - Vietnamese (Closes: #601536)
     - Arabic (Closes: #596166)
   * Generate the proper stamp file so that everything doesn't get build twice.
 openssl (0.9.8o-2) unstable; urgency=high
   * Fix CVE-2010-2939: Double free using ECDH. (Closes: #594415)
 openssl (0.9.8o-1) unstable; urgency=low
   * New upstream version
     - Add SHA2 algorithms to SSL_library_init().
     - aes-x86_64.pl is now PIC, update pic.patch.
   * Add sparc64 support (Closes: #560240)
 openssl (0.9.8n-1) unstable; urgency=high
   * New upstream version.
     - Fixes CVE-2010-0740.
     - Drop cfb.patch, applied upstream.
 openssl (0.9.8m-2) unstable; urgency=low
   * Revert CFB block length change preventing reading older files.
     (Closes: #571810, #571940)
 openssl (0.9.8m-1) unstable; urgency=low
   * New upstream version
     - Implements RFC5746, reenables renegotiation but requires the extension.
     - Fixes CVE-2009-3245
     - Drop patches CVE-2009-4355.patch, CVE-2009-1378.patch,
       CVE-2009-1377.patch, CVE-2009-1379.patch, CVE-2009-3555.patch,
       CVE-2009-2409.patch, CVE-2009-1387.patch, tls_ext_v3.patch,
       no_check_self_signed.patch: applied upstream
     - pk7_mime_free.patch removed, code rewritten
     - ca.diff partially applied upstream
     - engines-path.patch adjusted, upstream made some minor changes to the
       build system.
     - some flags changed values, bump shlibs.
   * Switch to 3.0 (quilt) source package.
   * Make sure the package is properly cleaned.
   * Add ${misc:Depends} to the Depends on all packages.
   * Fix spelling of extension in the changelog file.
 openssl (0.9.8k-8) unstable; urgency=high
   * Clean up zlib state so that it will be reinitialized on next use and
     not cause a memory leak.  (CVE-2009-4355, CVE-2008-1678)
 openssl (0.9.8k-7) unstable; urgency=low
   * Bump the shlibs to require 0.9.8k-1.  The following symbols
     to added between g and k: AES_wrap_key, AES_unwrap_key,
     ASN1_TYPE_set1, ASN1_STRING_set0, asn1_output_data_fn,
     SMIME_read_ASN1, BN_X931_generate_Xpq, BN_X931_derive_prime_ex,
     BN_X931_generate_prime_ex, COMP_zlib_cleanup, CRYPTO_malloc_debug_init,
     int_CRYPTO_set_do_dynlock_callback, CRYPTO_set_mem_info_functions,
     CRYPTO_strdup, CRYPTO_dbg_push_info, CRYPTO_dbg_pop_info,
     CRYPTO_dbg_remove_all_info, OPENSSL_isservice, OPENSSL_init,
     ENGINE_get_ssl_client_cert_function, ENGINE_load_ssl_client_cert,
     EVP_CIPHER_CTX_set_flags, EVP_CIPHER_CTX_clear_flags,
     EVP_CIPHER_CTX_test_flags, HMAC_CTX_set_flags, OCSP_sendreq_new
     OCSP_sendreq_nbio, OCSP_REQ_CTX_free, RSA_X931_derive_ex,
     RSA_X931_generate_key_ex, X509_ALGOR_set0, X509_ALGOR_get0,
     X509at_get0_data_by_OBJ, X509_get1_ocsp
 openssl (0.9.8k-6) unstable; urgency=low
   * Disable SSL/TLS renegotiation (CVE-2009-3555) (Closes: #555829)
 openssl (0.9.8k-5) unstable; urgency=low
   * Don't check self signed certificate signatures in X509_verify_cert()
     (Closes: #541735)
 openssl (0.9.8k-4) unstable; urgency=low
   * Split all the patches into a separate files
   * Stop undefinging HZ, the issue on alpha should be fixed.
   * Remove MD2 from digest algorithm table.  (CVE-2009-2409) (Closes: #539899)
 openssl (0.9.8k-3) unstable; urgency=low
   * Make rc4-x86_64 PIC.  Based on patch from Petr Salinger (Closes: #532336)
   * Add workaround for kfreebsd that can't see the different between
     two pipes.  Patch from Petr Salinger.
 openssl (0.9.8k-2) unstable; urgency=low
   * Move libssl0.9.8-dbg to the debug section.
   * Use the rc4 assembler on kfreebsd-amd64 (Closes: #532336)
   * Split the line to generate md5-x86_64.s in the Makefile.  This will
     hopefully fix the build issue on kfreebsd that now outputs the file
     to stdout instead of the file.
   * Fix denial of service via an out-of-sequence DTLS handshake message
     (CVE-2009-1387) (Closes: #532037)
 openssl (0.9.8k-1) unstable; urgency=low
   * New upstream release
     - 0.9.8i fixed denial of service via a DTLS ChangeCipherSpec packet
       that occurs before ClientHello (CVE-2009-1386)
   * Make aes-x86_64.pl use PIC.
   * Fix security issues (Closes: #530400)
     - "DTLS record buffer limitation bug." (CVE-2009-1377)
     - "DTLS fragment handling" (CVE-2009-1378)
     - "DTLS use after free" (CVE-2009-1379)
   * Fixed Configure for hurd: use -mtune=i486 instead of -m486
     Patch by Marc Dequènes (Duck) <duck@hurdfr.org> (Closes: #530459)
   * Add support for avr32 (Closes: #528648)
 openssl (0.9.8g-16) unstable; urgency=high
   * Properly validate the length of an encoded BMPString and UniversalString
     (CVE-2009-0590)  (Closes: #522002)
 64f4447615561ce2c7155ad62716cf165bde366a 1397 openssl_0.9.8o-3~bpo50+1.dsc
 80c73afc7dca790cd26936cb392a4dfd14d4e4d7 3772542 openssl_0.9.8o.orig.tar.gz
 9824b2be7dd4245af133a3ef111cb8e8dcd29c50 59299 openssl_0.9.8o-3~bpo50+1.debian.tar.gz
 66c3ca2c24c181e9b4a486751caf31af2b11af1f 1052914 openssl_0.9.8o-3~bpo50+1_i386.deb
 f3eecbb38bdb89a2da5cdcc4218caf631ad3e9a3 3062536 libssl0.9.8_0.9.8o-3~bpo50+1_i386.deb
 5015a7cb53f7a6a92a1903df85e1df2e98e033a0 597774 libcrypto0.9.8-udeb_0.9.8o-3~bpo50+1_i386.udeb
 e0c9a2b800245a940dd82acb437720fd8ebcc501 2157840 libssl-dev_0.9.8o-3~bpo50+1_i386.deb
 f50564a59db11804d389199b691d33c47a277cea 5580252 libssl0.9.8-dbg_0.9.8o-3~bpo50+1_i386.deb
 2af58650ec51b0b00891ea51d36bf1e76871de0b4873a94651dd56e56b4b4b2f 1397 openssl_0.9.8o-3~bpo50+1.dsc
 befada1ac3819b1d317df8197b5e82ec768b39d250fcbef81e2b1cb7f165d448 3772542 openssl_0.9.8o.orig.tar.gz
 53a494e3b4a5d2b3e8e5396c22752677b16a6864c7b7c06baab5767c8cebe8c5 59299 openssl_0.9.8o-3~bpo50+1.debian.tar.gz
 95314fa0242de4fa43e13aea263c5d5bc55e213b2b55e405558f656f5a44b451 1052914 openssl_0.9.8o-3~bpo50+1_i386.deb
 05e42af94990b21a8ffa64bb548c96b3e9db5ccdb201feee520bcb03db42ce86 3062536 libssl0.9.8_0.9.8o-3~bpo50+1_i386.deb
 5f013fefc63574167f32548890d757e32d08daee7600d9ae0dc4b86aa1e061ff 597774 libcrypto0.9.8-udeb_0.9.8o-3~bpo50+1_i386.udeb
 4697117f28d25eb66216e9f39149fb6388622753f9f7b1cb5298eef10487c6e2 2157840 libssl-dev_0.9.8o-3~bpo50+1_i386.deb
 3a7808abeb79a011d189696bdd12235ee78d0a33737f49f826e303198dc8a205 5580252 libssl0.9.8-dbg_0.9.8o-3~bpo50+1_i386.deb
 004aadff61a33fd1327b360a2bae175d 1397 utils optional openssl_0.9.8o-3~bpo50+1.dsc
 63ddc5116488985e820075e65fbe6aa4 3772542 utils optional openssl_0.9.8o.orig.tar.gz
 d396b010da9828f4139c7e14fc02abc0 59299 utils optional openssl_0.9.8o-3~bpo50+1.debian.tar.gz
 2ecd0a050ac4bb35a126fde2bdbc7446 1052914 utils optional openssl_0.9.8o-3~bpo50+1_i386.deb
 7973f4d2e17faaa805e450cb60e3dcd1 3062536 libs important libssl0.9.8_0.9.8o-3~bpo50+1_i386.deb
 1ec189deeb6078f213c707bae6ed6937 597774 debian-installer optional libcrypto0.9.8-udeb_0.9.8o-3~bpo50+1_i386.udeb
 c72e7b137a7849dd0fbdba8d01aadb8e 2157840 libdevel optional libssl-dev_0.9.8o-3~bpo50+1_i386.deb
 347fd57b8f2c3a066a19f3e294fc56ef 5580252 debug extra libssl0.9.8-dbg_0.9.8o-3~bpo50+1_i386.deb
Package-Type: udeb

Version: GnuPG v1.4.10 (GNU/Linux)


  to main/o/openssl/libcrypto0.9.8-udeb_0.9.8o-3~bpo50+1_i386.udeb
  to main/o/openssl/libssl-dev_0.9.8o-3~bpo50+1_i386.deb
  to main/o/openssl/libssl0.9.8-dbg_0.9.8o-3~bpo50+1_i386.deb
  to main/o/openssl/libssl0.9.8_0.9.8o-3~bpo50+1_i386.deb
  to main/o/openssl/openssl_0.9.8o-3~bpo50+1.debian.tar.gz
  to main/o/openssl/openssl_0.9.8o-3~bpo50+1.dsc
  to main/o/openssl/openssl_0.9.8o-3~bpo50+1_i386.deb
  to main/o/openssl/openssl_0.9.8o.orig.tar.gz

Reply to: