Accepted openssl 0.9.7b-1 (i386 source)

To: debian-devel-changes@lists.debian.org
Subject: Accepted openssl 0.9.7b-1 (i386 source)
From: Christoph Martin <christoph.martin@uni-mainz.de>
Date: Wed, 16 Apr 2003 05:32:17 -0400
Message-id: <[🔎] E195jH7-0000V5-00@auric.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed, 16 Apr 2003 10:32:57 +0200
Source: openssl
Binary: libssl0.9.7 libssl-dev openssl
Architecture: source i386
Version: 0.9.7b-1
Distribution: unstable
Urgency: high
Maintainer: Christoph Martin <christoph.martin@uni-mainz.de>
Changed-By: Christoph Martin <christoph.martin@uni-mainz.de>
Description: 
 libssl-dev - SSL development libraries, header files and documentation
 libssl0.9.7 - SSL shared libraries
 openssl    - Secure Socket Layer (SSL) binary and related cryptographic tools
Closes: 189087
Changes: 
 openssl (0.9.7b-1) unstable; urgency=high
 .
   * upstream security fix
    - Countermeasure against the Klima-Pokorny-Rosa extension of
      Bleichbacher's attack on PKCS #1 v1.5 padding: treat
      a protocol version number mismatch like a decryption error
      in ssl3_get_client_key_exchange (ssl/s3_srvr.c). (CAN-2003-0131)
     (closes: #189087)
    - Turn on RSA blinding by default in the default implementation
      to avoid a timing attack. Applications that don't want it can call
      RSA_blinding_off() or use the new flag RSA_FLAG_NO_BLINDING.
      They would be ill-advised to do so in most cases. (CAN-2003-0147)
    - Change RSA blinding code so that it works when the PRNG is not
      seeded (in this case, the secret RSA exponent is abused as
      an unpredictable seed -- if it is not unpredictable, there
      is no point in blinding anyway).  Make RSA blinding thread-safe
      by remembering the creator's thread ID in rsa->blinding and
      having all other threads use local one-time blinding factors
      (this requires more computation than sharing rsa->blinding, but
      avoids excessive locking; and if an RSA object is not shared
      between threads, blinding will still be very fast).
     for more details see the CHANGES file
Files: 
 65101fa08603c0e9872f9534184f6f15 606 utils optional openssl_0.9.7b-1.dsc
 087fba2616f3d8a68184e8606e4cdd93 2785672 utils optional openssl_0.9.7b.orig.tar.gz
 ab1e1ab47055c805ca9fc84dd0490c22 18099 utils optional openssl_0.9.7b-1.diff.gz
 188bc25f60df3fa1c6744c4e2e2fa2f7 876518 utils optional openssl_0.9.7b-1_i386.deb
 bf8e11ce354216d6109406fbbb34963f 2002002 libs standard libssl0.9.7_0.9.7b-1_i386.deb
 a9268dba54da0c8905c70e951b3cac6d 1730466 devel optional libssl-dev_0.9.7b-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)

iD8DBQE+nSJCgeVih7XOVJcRAih7AJ9r5U//1avBbrGTjz4mnuptBJCddACfT4rb
9/NiZx7wv6r1h+ogvMyBbfs=
=+K6Q
-----END PGP SIGNATURE-----


Accepted:
libssl-dev_0.9.7b-1_i386.deb
  to pool/main/o/openssl/libssl-dev_0.9.7b-1_i386.deb
libssl0.9.7_0.9.7b-1_i386.deb
  to pool/main/o/openssl/libssl0.9.7_0.9.7b-1_i386.deb
openssl_0.9.7b-1.diff.gz
  to pool/main/o/openssl/openssl_0.9.7b-1.diff.gz
openssl_0.9.7b-1.dsc
  to pool/main/o/openssl/openssl_0.9.7b-1.dsc
openssl_0.9.7b-1_i386.deb
  to pool/main/o/openssl/openssl_0.9.7b-1_i386.deb
openssl_0.9.7b.orig.tar.gz
  to pool/main/o/openssl/openssl_0.9.7b.orig.tar.gz

Reply to:

Prev by Date: Accepted wmsun 1.03-10 (i386 source)
Next by Date: Accepted gdeskcal 0.40-1 (all source)
Previous by thread: Accepted wmsun 1.03-10 (i386 source)
Next by thread: Accepted gdeskcal 0.40-1 (all source)
Index(es):
- Date
- Thread