-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 28 Nov 2018 23:43:08 +0100 Source: openssl Binary: openssl libssl1.1 libcrypto1.1-udeb libssl1.1-udeb libssl-dev libssl-doc Architecture: source Version: 1.1.0j-1~deb9u1 Distribution: stretch-security Urgency: medium Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org> Changed-By: Sebastian Andrzej Siewior <sebastian@breakpoint.cc> Description: libcrypto1.1-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb) libssl-dev - Secure Sockets Layer toolkit - development files libssl-doc - Secure Sockets Layer toolkit - development documentation libssl1.1 - Secure Sockets Layer toolkit - shared libraries libssl1.1-udeb - ssl shared library - udeb (udeb) openssl - Secure Sockets Layer toolkit - cryptographic utility Closes: 903566 907457 Changes: openssl (1.1.0j-1~deb9u1) stretch-security; urgency=medium . * Import 1.1.0j - CVE-2018-0734 (Timing vulnerability in DSA signature generation) - CVE-2018-0735 (Timing vulnerability in ECDSA signature generation) - add new symbols . openssl (1.1.0i-1~deb9u1) stretch; urgency=medium . * Import 1.1.0i - Fix segfault ERR_clear_error (Closes: #903566) - Fix commandline option for CAengine (Closes: #907457) - CVE-2018-0732 (Client DoS due to large DH parameter) - CVE-2018-0737 (Cache timing vulnerability in RSA Key Generation) * Abort the build if symbols are discovered which are not part of the symbols file. * use signing-key.asc and a https links for downloads Checksums-Sha1: d17f08678d72b94d3056c9706c245ebf1711dd3e 2611 openssl_1.1.0j-1~deb9u1.dsc dcad1efbacd9a4ed67d4514470af12bbe2a1d60a 5411919 openssl_1.1.0j.orig.tar.gz 062f7c43a2a7a93d9cba47ac9b7a03a9e250cf2b 488 openssl_1.1.0j.orig.tar.gz.asc 3873b1355e8badf12b0ab71bc8a6d7dd09d17900 71944 openssl_1.1.0j-1~deb9u1.debian.tar.xz 5d19bb0f76c3c045ab4951690b4f9c49087baad5 6188 openssl_1.1.0j-1~deb9u1_source.buildinfo Checksums-Sha256: 3c4f9e2af00c7595218d05d09635746f7edfd13b6c08b6266cd386b195c7889b 2611 openssl_1.1.0j-1~deb9u1.dsc 31bec6c203ce1a8e93d5994f4ed304c63ccf07676118b6634edded12ad1b3246 5411919 openssl_1.1.0j.orig.tar.gz e162322dce0b98f92401a48ba5f088ded64ee308a54580ed9edc3edafd85eebf 488 openssl_1.1.0j.orig.tar.gz.asc 737db70af006b984b914ba63ac8cbf012cb0db43df5e31f7dfa95d0b5890910b 71944 openssl_1.1.0j-1~deb9u1.debian.tar.xz 90bab6fa8ae79f7b78f9b29beacc7e8a91639fa2971bfea54ed21ed280ed8fb5 6188 openssl_1.1.0j-1~deb9u1_source.buildinfo Files: f84cb2f42b1eadad18d2fd48a51bfdf0 2611 utils optional openssl_1.1.0j-1~deb9u1.dsc b4ca5b78ae6ae79da80790b30dbedbdc 5411919 utils optional openssl_1.1.0j.orig.tar.gz 7376a4d19efd082b3b95f018344f3d92 488 utils optional openssl_1.1.0j.orig.tar.gz.asc 25c3593423811a404008f2dd56410298 71944 utils optional openssl_1.1.0j-1~deb9u1.debian.tar.xz 5e14ce90b49e8c328b6fdd880741b492 6188 utils optional openssl_1.1.0j-1~deb9u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEZCVGlf/wqkRmzBnme5boFiqM9dEFAlv/IKAACgkQe5boFiqM 9dE9wQ//RZBb5YNoMJUQ5umfL0BtvXUY0JvbR3Z5Y03q8tdsHbFfnHM6lKPjLijW ftTS6LZMUxtsIaScNIkW6eGDGL3ShA1PHpvOQMmUG7cl87LG2OjRK+9yzt3vv2S1 CeJ3mpLve3ZAp4GZNkiPFqdESjOj9QwizxBPzkk3nox5i+GoKBhOYSIukIP1Q7/h IjNAELnLoPnDsnmnzw50eIEM6gNJZt95b3x4uUNig+QrD3na6i1eiMubnVjzFFAV ZPx2C/Ty682pOKsn8MVxRUVvGl3mdgnPQdKf3IHL0aX7HYR3TAFmMNFXrufyOkYn Akp58kBKr2FiineQWaWUujJSxQl6UOo7iRFC3Aezlz1P8vPRzZJiF2LMeoS5vFkZ apDO8yKZkGe2hjjtYUbLcgBhgjkOwh1rHT0/EnDyiEFwuFynUWXcZD8LbILG18OQ ykBjoiHumUprrip+I8qgGTCHlWgegLLxFAYNAPQIRl4Lq4gblnrBnSl4h/78DPxI 5YwQuN9lPqNEu8cYx48nsyNqySB97bgxRF0LO/cGFrj2iqA3jfEYfchnNSuCQvDs aJoSAl4+IlhsgJx/Hmfb4+iGy8Z6dAXcFs9SxsBCKa0qljRmynMT/PuM9oXFxsJC WOAvFk+HC4i0FqD4k8cN4OV/iEaN7pwRtBA9iIlMgvhHNCir4GI= =Ps41 -----END PGP SIGNATURE-----