-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 05 Jan 2009 19:26:37 +0100
Source: openssl097
Binary: libssl0.9.7-dbg libssl0.9.7
Architecture: source amd64
Version: 0.9.7k-3.1etch2
Distribution: stable-security
Urgency: low
Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
Changed-By: Kurt Roeckx <kurt@roeckx.be>
Description:
libssl0.9.7 - SSL shared libraries
libssl0.9.7-dbg - Symbol tables for libssl and libcrypt
Changes:
openssl097 (0.9.7k-3.1etch2) stable-security; urgency=low
.
* Internal calls to didn't properly check for errors which
resulted in malformed DSA and ECDSA signatures being treated as
a good signature rather than as an error. (CVE-2008-5077)
Files:
fb69818a28ead5b3026dcafc1f5e92d5 1069 utils optional openssl097_0.9.7k-3.1etch2.dsc
845a986c8a5170953c1e88c2d9965176 34518 utils optional openssl097_0.9.7k-3.1etch2.diff.gz
e5521b844646e69b1b8f2daa872b83b8 753788 oldlibs extra libssl0.9.7_0.9.7k-3.1etch2_amd64.deb
670a34f7c39343a7939ba43c4658821c 1326428 libdevel extra libssl0.9.7-dbg_0.9.7k-3.1etch2_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iQEcBAEBAgAGBQJJaiIsAAoJEL97/wQC1SS+NLQH/AndIjpjGZv++TnaJEN2WYbl
SVsZbPGVvEPoUPWeZafAtLB1FlkmoQI3d6T4/QLDmrzlBbTEXgfVlRLlkzVwbXwx
Hb6ZZihTteHJD3r/Ap3u+6YFyPG008/+rjRVs/aI6gQxFgK5c7IRc71o3uvfZ32t
mZic9IWGd4X+7X0mXIfV5T8YvQl8sGub/SehSogaAuOOWpJphjjSJXqu3n4FSM3q
AyIRv+cdqXqoiuEhP0FGVAxcrWqE3SmzEzihitOd2NoDAVWbGs/+bhibybOIHwFf
qZkM55tukf0WD8yNy2PgcRm0ds67VnnjhX6VhdBi5a6YQIrv9PCQtKxPlaxyr7Q=
=IDJu
-----END PGP SIGNATURE-----
Accepted:
libssl0.9.7-dbg_0.9.7k-3.1etch2_amd64.deb
to pool/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_amd64.deb
libssl0.9.7_0.9.7k-3.1etch2_amd64.deb
to pool/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_amd64.deb
openssl097_0.9.7k-3.1etch2.diff.gz
to pool/main/o/openssl097/openssl097_0.9.7k-3.1etch2.diff.gz
openssl097_0.9.7k-3.1etch2.dsc
to pool/main/o/openssl097/openssl097_0.9.7k-3.1etch2.dsc
