Accepted openssl 0.9.7c-1 (i386 source)

To: debian-devel-changes@lists.debian.org
Subject: Accepted openssl 0.9.7c-1 (i386 source)
From: Christoph Martin <christoph.martin@uni-mainz.de>
Date: Wed, 01 Oct 2003 04:17:51 -0400
Message-id: <[🔎] E1A4cBD-0005he-00@auric.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed,  1 Oct 2003 08:54:27 +0200
Source: openssl
Binary: libssl0.9.7 libssl-dev openssl
Architecture: source i386
Version: 0.9.7c-1
Distribution: unstable
Urgency: high
Maintainer: Christoph Martin <christoph.martin@uni-mainz.de>
Changed-By: Christoph Martin <christoph.martin@uni-mainz.de>
Description: 
 libssl-dev - SSL development libraries, header files and documentation
 libssl0.9.7 - SSL shared libraries
 openssl    - Secure Socket Layer (SSL) binary and related cryptographic tools
Closes: 190026 198594 200381 213451
Changes: 
 openssl (0.9.7c-1) unstable; urgency=high
 .
   * upstream security fix (closes: #213451)
    - Fix various bugs revealed by running the NISCC test suite:
      Stop out of bounds reads in the ASN1 code when presented with
      invalid tags (CAN-2003-0543 and CAN-2003-0544).
      Free up ASN1_TYPE correctly if ANY type is invalid (CAN-2003-0545).
      If verify callback ignores invalid public key errors don't try to check
      certificate signature with the NULL public key.
    - In ssl3_accept() (ssl/s3_srvr.c) only accept a client certificate
      if the server requested one: as stated in TLS 1.0 and SSL 3.0
      specifications.
   * more minor upstream bugfixes
   * fix formatting in c_issuer (closes: #190026)
   * fix Debian-FreeBSD support (closes: #200381)
   * restart some services in postinst to make them use the new libraries
   * remove duplicated openssl.1, crypto.3 and ssl.3 (closes: #198594)
Files: 
 3ed9ddeab2549c9791e2d3884fd7caca 617 utils optional openssl_0.9.7c-1.dsc
 a1112797461c33b71b6a6d7ea9c4bc71 2792439 utils optional openssl_0.9.7c.orig.tar.gz
 ec9fdf5c1f24c95f5730df484b34e5ef 19688 utils optional openssl_0.9.7c-1.diff.gz
 b97c3e7abc8f687a5216619302849717 873786 utils optional openssl_0.9.7c-1_i386.deb
 1780d2c9f50117e0ec5eb2234fbc3106 2006688 libs standard libssl0.9.7_0.9.7c-1_i386.deb
 43a45c667db24f0db13c0d12a4793edd 1722350 libdevel optional libssl-dev_0.9.7c-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/eoeRgeVih7XOVJcRAn0XAKCFf1S54CHfpDQPP187fBmqzA7yOgCaAt0P
g5G/LJij9lN31qEDHKS38Cw=
=RF9H
-----END PGP SIGNATURE-----


Accepted:
libssl-dev_0.9.7c-1_i386.deb
  to pool/main/o/openssl/libssl-dev_0.9.7c-1_i386.deb
libssl0.9.7_0.9.7c-1_i386.deb
  to pool/main/o/openssl/libssl0.9.7_0.9.7c-1_i386.deb
openssl_0.9.7c-1.diff.gz
  to pool/main/o/openssl/openssl_0.9.7c-1.diff.gz
openssl_0.9.7c-1.dsc
  to pool/main/o/openssl/openssl_0.9.7c-1.dsc
openssl_0.9.7c-1_i386.deb
  to pool/main/o/openssl/openssl_0.9.7c-1_i386.deb
openssl_0.9.7c.orig.tar.gz
  to pool/main/o/openssl/openssl_0.9.7c.orig.tar.gz

Reply to:

Prev by Date: Accepted xosd 2.2.7-1 (i386 source)
Next by Date: Accepted vte 1:0.10.29-6 (i386 source all)
Previous by thread: Accepted xosd 2.2.7-1 (i386 source)
Next by thread: Accepted vte 1:0.10.29-6 (i386 source all)
Index(es):
- Date
- Thread