Accepted openssl 0.9.7c-1 (i386 source)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 1 Oct 2003 08:54:27 +0200
Source: openssl
Binary: libssl0.9.7 libssl-dev openssl
Architecture: source i386
Version: 0.9.7c-1
Distribution: unstable
Urgency: high
Maintainer: Christoph Martin <christoph.martin@uni-mainz.de>
Changed-By: Christoph Martin <christoph.martin@uni-mainz.de>
Description:
libssl-dev - SSL development libraries, header files and documentation
libssl0.9.7 - SSL shared libraries
openssl - Secure Socket Layer (SSL) binary and related cryptographic tools
Closes: 190026 198594 200381 213451
Changes:
openssl (0.9.7c-1) unstable; urgency=high
.
* upstream security fix (closes: #213451)
- Fix various bugs revealed by running the NISCC test suite:
Stop out of bounds reads in the ASN1 code when presented with
invalid tags (CAN-2003-0543 and CAN-2003-0544).
Free up ASN1_TYPE correctly if ANY type is invalid (CAN-2003-0545).
If verify callback ignores invalid public key errors don't try to check
certificate signature with the NULL public key.
- In ssl3_accept() (ssl/s3_srvr.c) only accept a client certificate
if the server requested one: as stated in TLS 1.0 and SSL 3.0
specifications.
* more minor upstream bugfixes
* fix formatting in c_issuer (closes: #190026)
* fix Debian-FreeBSD support (closes: #200381)
* restart some services in postinst to make them use the new libraries
* remove duplicated openssl.1, crypto.3 and ssl.3 (closes: #198594)
Files:
3ed9ddeab2549c9791e2d3884fd7caca 617 utils optional openssl_0.9.7c-1.dsc
a1112797461c33b71b6a6d7ea9c4bc71 2792439 utils optional openssl_0.9.7c.orig.tar.gz
ec9fdf5c1f24c95f5730df484b34e5ef 19688 utils optional openssl_0.9.7c-1.diff.gz
b97c3e7abc8f687a5216619302849717 873786 utils optional openssl_0.9.7c-1_i386.deb
1780d2c9f50117e0ec5eb2234fbc3106 2006688 libs standard libssl0.9.7_0.9.7c-1_i386.deb
43a45c667db24f0db13c0d12a4793edd 1722350 libdevel optional libssl-dev_0.9.7c-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQE/eoeRgeVih7XOVJcRAn0XAKCFf1S54CHfpDQPP187fBmqzA7yOgCaAt0P
g5G/LJij9lN31qEDHKS38Cw=
=RF9H
-----END PGP SIGNATURE-----
Accepted:
libssl-dev_0.9.7c-1_i386.deb
to pool/main/o/openssl/libssl-dev_0.9.7c-1_i386.deb
libssl0.9.7_0.9.7c-1_i386.deb
to pool/main/o/openssl/libssl0.9.7_0.9.7c-1_i386.deb
openssl_0.9.7c-1.diff.gz
to pool/main/o/openssl/openssl_0.9.7c-1.diff.gz
openssl_0.9.7c-1.dsc
to pool/main/o/openssl/openssl_0.9.7c-1.dsc
openssl_0.9.7c-1_i386.deb
to pool/main/o/openssl/openssl_0.9.7c-1_i386.deb
openssl_0.9.7c.orig.tar.gz
to pool/main/o/openssl/openssl_0.9.7c.orig.tar.gz
Reply to: