-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 07 Apr 2014 22:26:55 +0200 Source: openssl Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg Architecture: source all amd64 Version: 1.0.1e-2+deb7u5 Distribution: wheezy-security Urgency: high Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Description: libcrypto1.0.0-udeb - crypto shared library - udeb (udeb) libssl-dev - SSL development libraries, header files and documentation libssl-doc - SSL development documentation documentation libssl1.0.0 - SSL shared libraries libssl1.0.0-dbg - Symbol tables for libssl and libcrypto openssl - Secure Socket Layer (SSL) binary and related cryptographic tools Changes: openssl (1.0.1e-2+deb7u5) wheezy-security; urgency=high . * Non-maintainer upload by the Security Team. * Add CVE-2014-0160.patch patch. CVE-2014-0160: Fix TLS/DTLS hearbeat information disclosure. A missing bounds check in the handling of the TLS heartbeat extension can be used to reveal up to 64k of memory to a connected client or server. Checksums-Sha1: bf7e617f33aa7681e41288a0a99cf6036922ffd1 2211 openssl_1.0.1e-2+deb7u5.dsc 9dbdef8fd484a24482813f38f144721975394e87 97824 openssl_1.0.1e-2+deb7u5.debian.tar.gz a7e1ae9efd4f94201ff7b0c770d3dd0dd02e2d62 1201328 libssl-doc_1.0.1e-2+deb7u5_all.deb eae882e6c1d98e2cfccef8fd991c28fefb0d22a0 700304 openssl_1.0.1e-2+deb7u5_amd64.deb bfb36b71477c24a4ccc924715f65f680eef269a0 1257182 libssl1.0.0_1.0.1e-2+deb7u5_amd64.deb 646fb1175cd3b023d20869114fb58976fb733274 635286 libcrypto1.0.0-udeb_1.0.1e-2+deb7u5_amd64.udeb 21953ba3ef786fbd7cf2c94d1b3a08edbb33e270 1748636 libssl-dev_1.0.1e-2+deb7u5_amd64.deb 05efe1c884b15a43e431c2b0a39703e313f1e7ab 3076640 libssl1.0.0-dbg_1.0.1e-2+deb7u5_amd64.deb Checksums-Sha256: c1c863484842c0337eda90cf7a2f87cac7cc0a683b04fc139f3faf6e0c1ee882 2211 openssl_1.0.1e-2+deb7u5.dsc 5bd77f2a2557a6e3414ccbdfe08aabc951166586eeb2c213c8a3d9e496523633 97824 openssl_1.0.1e-2+deb7u5.debian.tar.gz df46f4e270527f3afd20bb2034cd162b651e0364cbd65fe5edd5cf6f81335537 1201328 libssl-doc_1.0.1e-2+deb7u5_all.deb cbfb0cb6a8be98d966c9ac671099080ff7582a189422b5a23b939e2351f1206e 700304 openssl_1.0.1e-2+deb7u5_amd64.deb 09584eff6b89d8f9f79307115430b9e3232ec1055a661cc96216c86b38ec4bd2 1257182 libssl1.0.0_1.0.1e-2+deb7u5_amd64.deb ba90215a1f1966e8c2a131db4b2f75d2de7a9af1e2a642d027302dba3ef8b14e 635286 libcrypto1.0.0-udeb_1.0.1e-2+deb7u5_amd64.udeb d843d2c65b54fba2e98ec357617d1710aaf99693ec31268c296cbc9d98767aa9 1748636 libssl-dev_1.0.1e-2+deb7u5_amd64.deb 82e5d6a6dc8e4ec6581522cb300b06d9b7cf8458ce1aedd28cd894f1a02bf53c 3076640 libssl1.0.0-dbg_1.0.1e-2+deb7u5_amd64.deb Files: 0d853b9c65f3f08aad7fda5a9a954e00 2211 utils optional openssl_1.0.1e-2+deb7u5.dsc b1ab3df28bad0c95a6f130058b5e9a7c 97824 utils optional openssl_1.0.1e-2+deb7u5.debian.tar.gz 89bf9e7cd5652547b96ff96d3fbaddfe 1201328 doc optional libssl-doc_1.0.1e-2+deb7u5_all.deb 4023122cea1a8dd199dfc48db09be827 700304 utils optional openssl_1.0.1e-2+deb7u5_amd64.deb ad6ad14bcbc6e31bc1dfba3e72270ff7 1257182 libs important libssl1.0.0_1.0.1e-2+deb7u5_amd64.deb e113befb1d84d9c2d9201710b3121510 635286 debian-installer optional libcrypto1.0.0-udeb_1.0.1e-2+deb7u5_amd64.udeb 9cefd0f3f82a1969f7977fd025ce5436 1748636 libdevel optional libssl-dev_1.0.1e-2+deb7u5_amd64.deb b311fa968626d159052d9a4e00774e75 3076640 debug extra libssl1.0.0-dbg_1.0.1e-2+deb7u5_amd64.deb Package-Type: udeb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJTQw3CAAoJEAVMuPMTQ89E3loP/2JyRCHJO+3b2K5pcCrUSp4b 1bOxV0BctgdyWd9P/rUci+NVYSNAatkQPj/GjoYoe5X1m+QrMhNGUJXXtwKrUhbF OWNFaJQWzqeG+5qHuE9tXWWP6FHGvpPHbgxMA6WnTx9uQi1GdBcAzzsf/xa9CJGw BdcomY2FvZuGbX2pPxpRPK0sFuCIqVFWUaQFePfTLV2c0eK7gSe817t96tUtmrki B0QeLXbNeDiLlvCwB5jqYg6UH6whhzALvI01ea2uXvnSvuAfduJRqzWLvVZ0rsPC ubpQpJo+6j40OAI8hECkeVsAcPHI2l3stLc/Ds8T2aq4PzSKI6gLzMk0GnJRKvvS PnnKbZDGPrfjHLeQA/rKV9SAu0Qs1nTdRlDbuSC9jdCpRIEigI8pdMnT0YLLdXuX v55uhcS3ClCamNr8AMHzcKxdK2zCEbliKWRJCiI2DUzl0PtT098pPt518EftdfB8 iJhM+5UwqHXAkbhsUpyHbHQ+uDSE29w44k5W6saC44PYfxqY16IPsU/AGr/W6WXq pln0e6TczK4sqCl76x8IPmUI4eDAxMnGU6mDlgacbVZhnEXs0eaNXLqICPTt3Iqr r0vRIGDcMoqwrlkjDtI8OOyvh7+CFeuYpQ9k6rjOUQRG7hwhn+ny1guuMc03V8NO qYfDS/nbCPRpfmsdpean =aUNt -----END PGP SIGNATURE-----
