testing openssl for Jessie LTS

To: debian-lts@lists.debian.org
Subject: testing openssl for Jessie LTS
From: Thorsten Alteholz <debian@alteholz.de>
Date: Mon, 19 Nov 2018 20:04:10 +0100 (CET)
Message-id: <[🔎] alpine.DEB.2.20.1811192002280.31430@jupiter.server.alteholz.net>

Hi everybody,

I uploaded version 1.0.1t-1+deb8u10 of openssl to:

https://people.debian.org/~alteholz/packages/jessie-lts/openssl/

Please give it a try and tell me about any problems you met.

Thanks!
 Thorsten


   * CVE-2018-0735
     Samuel Weiser reported a timing vulnerability in the OpenSSL ECDSA
     signature generation, which might leak information to recover the
     private key.
   * CVE-2018-5407
     Alejandro Cabrera Aldaya, Billy Brumley, Sohaib ul Hassan, Cesar
     Pereida Garcia and Nicola Tuveri reported a vulnerability to a
     timing side channel attack, which might be used to recover the
     private key.

Reply to:

Follow-Ups:
- Re: testing openssl for Jessie LTS
  - From: Markus Koschany <apo@debian.org>
- Re: testing openssl for Jessie LTS
  - From: Markus Koschany <apo@debian.org>

Prev by Date: Re: How to handle undetermined
Next by Date: Re: the way to enigmail: gnupg 2.1 backport considerations
Previous by thread: Re: How to handle undetermined
Next by thread: Re: testing openssl for Jessie LTS
Index(es):
- Date
- Thread