Accepted openssl 0.9.7a-1 (i386 source)

To: debian-devel-changes@lists.debian.org
Subject: Accepted openssl 0.9.7a-1 (i386 source)
From: Christoph Martin <christoph.martin@uni-mainz.de>
Date: Fri, 21 Feb 2003 17:47:14 -0500
Message-id: <[🔎] E18mLwo-0006xT-00@auric.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri, 21 Feb 2003 22:39:40 +0100
Source: openssl
Binary: libssl0.9.7 libssl-dev openssl
Architecture: source i386
Version: 0.9.7a-1
Distribution: unstable
Urgency: high
Maintainer: Christoph Martin <christoph.martin@uni-mainz.de>
Changed-By: Christoph Martin <christoph.martin@uni-mainz.de>
Description: 
 libssl-dev - SSL development libraries, header files and documentation
 libssl0.9.7 - SSL shared libraries
 openssl    - Secure Socket Layer (SSL) binary and related cryptographic tools
Changes: 
 openssl (0.9.7a-1) unstable; urgency=high
 .
   * upstream Security fix
     - In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked
       via timing by performing a MAC computation even if incorrrect
       block cipher padding has been found.  This is a countermeasure
       against active attacks where the attacker has to distinguish
       between bad padding and a MAC verification error. (CAN-2003-0078)
     for more details see the CHANGES file
Files: 
 6bd2ee3c6d819b6be25e470abd795b9d 606 utils optional openssl_0.9.7a-1.dsc
 f4304136eb0ba49962df4868d70c48d4 2777602 utils optional openssl_0.9.7a.orig.tar.gz
 3b21612fdf6f57667ddc455afed647b1 17640 utils optional openssl_0.9.7a-1.diff.gz
 7360ebd5b91f311dd6ee04ffc6d0ae9f 874706 utils optional openssl_0.9.7a-1_i386.deb
 625fbc3e69190afb23e3272ff5128857 1997538 libs standard libssl0.9.7_0.9.7a-1_i386.deb
 45205909a24a858eff1a03209eabbcf6 1728334 devel optional libssl-dev_0.9.7a-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)

iD8DBQE+Vqs6geVih7XOVJcRAlTrAJ9BFEx/jaMim8copTgyOVnTDpii+gCfZjzM
d+1TMJI3DKDu3d5yLlQump0=
=5bAL
-----END PGP SIGNATURE-----


Accepted:
libssl-dev_0.9.7a-1_i386.deb
  to pool/main/o/openssl/libssl-dev_0.9.7a-1_i386.deb
libssl0.9.7_0.9.7a-1_i386.deb
  to pool/main/o/openssl/libssl0.9.7_0.9.7a-1_i386.deb
openssl_0.9.7a-1.diff.gz
  to pool/main/o/openssl/openssl_0.9.7a-1.diff.gz
openssl_0.9.7a-1.dsc
  to pool/main/o/openssl/openssl_0.9.7a-1.dsc
openssl_0.9.7a-1_i386.deb
  to pool/main/o/openssl/openssl_0.9.7a-1_i386.deb
openssl_0.9.7a.orig.tar.gz
  to pool/main/o/openssl/openssl_0.9.7a.orig.tar.gz

Reply to:

Prev by Date: Accepted openssl096 0.9.6i-1 (i386 source)
Next by Date: Accepted sablevm-classlib 1.0.6-1 (all source)
Previous by thread: Accepted openssl096 0.9.6i-1 (i386 source)
Next by thread: Accepted sablevm-classlib 1.0.6-1 (all source)
Index(es):
- Date
- Thread