[Pkg-openssl-devel] openssl_1.1.0j-1~deb9u1_source.changes ACCEPTED into proposed-updates->stable-new, proposed-updates

Debian FTP Masters ftpmaster at ftp-master.debian.org
Mon Dec 3 21:47:10 GMT 2018



Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 28 Nov 2018 23:43:08 +0100
Source: openssl
Binary: openssl libssl1.1 libcrypto1.1-udeb libssl1.1-udeb libssl-dev libssl-doc
Architecture: source
Version: 1.1.0j-1~deb9u1
Distribution: stretch-security
Urgency: medium
Maintainer: Debian OpenSSL Team <pkg-openssl-devel at lists.alioth.debian.org>
Changed-By: Sebastian Andrzej Siewior <sebastian at breakpoint.cc>
Description:
 libcrypto1.1-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl-doc - Secure Sockets Layer toolkit - development documentation
 libssl1.1  - Secure Sockets Layer toolkit - shared libraries
 libssl1.1-udeb - ssl shared library - udeb (udeb)
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
Closes: 903566 907457
Changes:
 openssl (1.1.0j-1~deb9u1) stretch-security; urgency=medium
 .
   * Import 1.1.0j
     - CVE-2018-0734 (Timing vulnerability in DSA signature generation)
     - CVE-2018-0735 (Timing vulnerability in ECDSA signature generation)
     - add new symbols
 .
 openssl (1.1.0i-1~deb9u1) stretch; urgency=medium
 .
   * Import 1.1.0i
     - Fix segfault ERR_clear_error (Closes: #903566)
     - Fix commandline option for CAengine (Closes: #907457)
     - CVE-2018-0732 (Client DoS due to large DH parameter)
     - CVE-2018-0737 (Cache timing vulnerability in RSA Key Generation)
   * Abort the build if symbols are discovered which are not part of the
     symbols file.
   * use signing-key.asc and a https links for downloads
Checksums-Sha1:
 d17f08678d72b94d3056c9706c245ebf1711dd3e 2611 openssl_1.1.0j-1~deb9u1.dsc
 dcad1efbacd9a4ed67d4514470af12bbe2a1d60a 5411919 openssl_1.1.0j.orig.tar.gz
 062f7c43a2a7a93d9cba47ac9b7a03a9e250cf2b 488 openssl_1.1.0j.orig.tar.gz.asc
 3873b1355e8badf12b0ab71bc8a6d7dd09d17900 71944 openssl_1.1.0j-1~deb9u1.debian.tar.xz
 5d19bb0f76c3c045ab4951690b4f9c49087baad5 6188 openssl_1.1.0j-1~deb9u1_source.buildinfo
Checksums-Sha256:
 3c4f9e2af00c7595218d05d09635746f7edfd13b6c08b6266cd386b195c7889b 2611 openssl_1.1.0j-1~deb9u1.dsc
 31bec6c203ce1a8e93d5994f4ed304c63ccf07676118b6634edded12ad1b3246 5411919 openssl_1.1.0j.orig.tar.gz
 e162322dce0b98f92401a48ba5f088ded64ee308a54580ed9edc3edafd85eebf 488 openssl_1.1.0j.orig.tar.gz.asc
 737db70af006b984b914ba63ac8cbf012cb0db43df5e31f7dfa95d0b5890910b 71944 openssl_1.1.0j-1~deb9u1.debian.tar.xz
 90bab6fa8ae79f7b78f9b29beacc7e8a91639fa2971bfea54ed21ed280ed8fb5 6188 openssl_1.1.0j-1~deb9u1_source.buildinfo
Files:
 f84cb2f42b1eadad18d2fd48a51bfdf0 2611 utils optional openssl_1.1.0j-1~deb9u1.dsc
 b4ca5b78ae6ae79da80790b30dbedbdc 5411919 utils optional openssl_1.1.0j.orig.tar.gz
 7376a4d19efd082b3b95f018344f3d92 488 utils optional openssl_1.1.0j.orig.tar.gz.asc
 25c3593423811a404008f2dd56410298 71944 utils optional openssl_1.1.0j-1~deb9u1.debian.tar.xz
 5e14ce90b49e8c328b6fdd880741b492 6188 utils optional openssl_1.1.0j-1~deb9u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEZCVGlf/wqkRmzBnme5boFiqM9dEFAlv/IKAACgkQe5boFiqM
9dE9wQ//RZBb5YNoMJUQ5umfL0BtvXUY0JvbR3Z5Y03q8tdsHbFfnHM6lKPjLijW
ftTS6LZMUxtsIaScNIkW6eGDGL3ShA1PHpvOQMmUG7cl87LG2OjRK+9yzt3vv2S1
CeJ3mpLve3ZAp4GZNkiPFqdESjOj9QwizxBPzkk3nox5i+GoKBhOYSIukIP1Q7/h
IjNAELnLoPnDsnmnzw50eIEM6gNJZt95b3x4uUNig+QrD3na6i1eiMubnVjzFFAV
ZPx2C/Ty682pOKsn8MVxRUVvGl3mdgnPQdKf3IHL0aX7HYR3TAFmMNFXrufyOkYn
Akp58kBKr2FiineQWaWUujJSxQl6UOo7iRFC3Aezlz1P8vPRzZJiF2LMeoS5vFkZ
apDO8yKZkGe2hjjtYUbLcgBhgjkOwh1rHT0/EnDyiEFwuFynUWXcZD8LbILG18OQ
ykBjoiHumUprrip+I8qgGTCHlWgegLLxFAYNAPQIRl4Lq4gblnrBnSl4h/78DPxI
5YwQuN9lPqNEu8cYx48nsyNqySB97bgxRF0LO/cGFrj2iqA3jfEYfchnNSuCQvDs
aJoSAl4+IlhsgJx/Hmfb4+iGy8Z6dAXcFs9SxsBCKa0qljRmynMT/PuM9oXFxsJC
WOAvFk+HC4i0FqD4k8cN4OV/iEaN7pwRtBA9iIlMgvhHNCir4GI=
=Ps41
-----END PGP SIGNATURE-----


Thank you for your contribution to Debian.



More information about the Pkg-openssl-devel mailing list