Debian Package Tracker

From: Kurt Roeckx <kurt@roeckx.be>
To: <debian-changes@lists.debian.org>
Subject: Accepted openssl 1.0.1k-3+deb8u4 (source all amd64) into proposed-updates->stable-new, proposed-updates
Date: Sat, 05 Mar 2016 22:33:10 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 28 Feb 2016 15:29:46 +0100
Source: openssl
Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg
Architecture: source all amd64
Version: 1.0.1k-3+deb8u4
Distribution: jessie-security
Urgency: medium
Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
Changed-By: Kurt Roeckx <kurt@roeckx.be>
Description:
 libcrypto1.0.0-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl-doc - Secure Sockets Layer toolkit - development documentation
 libssl1.0.0 - Secure Sockets Layer toolkit - shared libraries
 libssl1.0.0-dbg - Secure Sockets Layer toolkit - debug information
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
Changes:
 openssl (1.0.1k-3+deb8u4) jessie-security; urgency=medium
 .
   * Fix CVE-2016-0797
   * Fix CVE-2016-0798
   * Fix CVE-2016-0799
   * Fix CVE-2016-0702
   * Fix CVE-2016-0705
   * Disable EXPORT and LOW ciphers: The DROWN attack (CVE-2016-0800)
     makes use of those, and SLOTH attack (CVE-2015-7575) can make use of them
     too.
Checksums-Sha1:
 66673786b9911027a0ce2b2fd534adac2af27ec7 2258 openssl_1.0.1k-3+deb8u4.dsc
 f2c79ae4d05550f4c4fedaf0b418dbd10951a8b1 111208 openssl_1.0.1k-3+deb8u4.debian.tar.xz
 847305f6fdce5cbe39245ac16498201561851294 1138092 libssl-doc_1.0.1k-3+deb8u4_all.deb
 13683bb750d638741c564481405c6b83e8ff0d5a 677460 openssl_1.0.1k-3+deb8u4_amd64.deb
 f6cc1fa60e606ca399d14b50f27a5ddf3a25876f 1039368 libssl1.0.0_1.0.1k-3+deb8u4_amd64.deb
 4b57380f41a78a9b4d4aafe47d29b504b15d44af 642022 libcrypto1.0.0-udeb_1.0.1k-3+deb8u4_amd64.udeb
 c53c3958b7541ab96c14489f03f31de885bed3da 1272950 libssl-dev_1.0.1k-3+deb8u4_amd64.deb
 d733d079e47516ca06d5a7c969510364953dc1f8 2800224 libssl1.0.0-dbg_1.0.1k-3+deb8u4_amd64.deb
Checksums-Sha256:
 69e1158bfd5694d16b30050ed107009d4d3c3f82f6e4a423a75349389278a503 2258 openssl_1.0.1k-3+deb8u4.dsc
 f41c7d1f018ec8e6a9a284c7bde0060d4a01ba3c5e21f2662a2fca682e04ed6c 111208 openssl_1.0.1k-3+deb8u4.debian.tar.xz
 c9a02b288ec5e4d8b2f50c434e78c5aacbbc6b6fe70f4a4e83ff39f7dc745b9b 1138092 libssl-doc_1.0.1k-3+deb8u4_all.deb
 6f1717d337487e2f4de6b0372cfb4b0d13e84b0a4d2e609599845b0730cadcba 677460 openssl_1.0.1k-3+deb8u4_amd64.deb
 9e5c80b203b67857d6e9e96f86e34fe25d3ab2437113d9255df18b8b86c08149 1039368 libssl1.0.0_1.0.1k-3+deb8u4_amd64.deb
 0be44fc9ea13a9369d3c39410acf0d5095aba68e674843a7701eb492a1d84fb0 642022 libcrypto1.0.0-udeb_1.0.1k-3+deb8u4_amd64.udeb
 72faa3112c3179533e03b2348005ac8d940dcbdb0411f0c049a3cccc594e3c7d 1272950 libssl-dev_1.0.1k-3+deb8u4_amd64.deb
 cd1949f1db2c529df9fe56a4eac2506c00a9832a2441dd121b7627b35057e4d5 2800224 libssl1.0.0-dbg_1.0.1k-3+deb8u4_amd64.deb
Files:
 1d14c31bb7628eb2fb02df8e6af9ffcf 2258 utils optional openssl_1.0.1k-3+deb8u4.dsc
 9515f5f6afa651d526d3382fffb1e4f9 111208 utils optional openssl_1.0.1k-3+deb8u4.debian.tar.xz
 36e58af2dca684a0150bef8cce580f89 1138092 doc optional libssl-doc_1.0.1k-3+deb8u4_all.deb
 7f40770d890d246e259756a55db9bac3 677460 utils optional openssl_1.0.1k-3+deb8u4_amd64.deb
 755d1a3b2453dcb7a691f75e83a43ec7 1039368 libs important libssl1.0.0_1.0.1k-3+deb8u4_amd64.deb
 526b069df0f560795f2461fc5c0c0aaf 642022 debian-installer optional libcrypto1.0.0-udeb_1.0.1k-3+deb8u4_amd64.udeb
 0f7debed072f128cb89128163a77e14d 1272950 libdevel optional libssl-dev_1.0.1k-3+deb8u4_amd64.deb
 1f0412aa11b95c334988e365f779faa1 2800224 debug extra libssl1.0.0-dbg_1.0.1k-3+deb8u4_amd64.deb
Package-Type: udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJW1Ib6AAoJEOPE3c0eTBJEtEAQAIwzhrTXv+BeuxlHZ6rq3cWT
OhbpBRyMfrt0jkooPau+5hNuwFd23fqCNnYjYNriRYvtQbeVdPiulEM6W6Lj7oVb
XJfCjXrit3aZTc4FNKn92OI3RQbln4JNdunAsgxehQWrCNPRXGuN1axghn4nhYzC
j/bEyXqMsWyEo+sqzuKj4NWHPOfKJmDhkiKKg4p7qGqlXyQfwIy9yMuLdVa9N7ck
27JjV6UT1itVMbfM8ha0OvMfS19rRjGxJsxDZ+8fBza/mFEjpODEoWNSK7hqudtg
Ig4SgGRHcqzmiVneWfyA2rExOt4SMweco1cqR6oA0fLoQ1IDt+5T3UsTcMriiJp+
yiYD/I9os/9UyF2+N+LF68l+i5pFNIAUNA1svgsWSbW30Lp8KT5zNVX7twTH6x2s
/L7ypTFlYFWxXiA9GpDcvpNTSt5I1F9EupAJxtIYCh+zAigscwIfl5cYpoBSR9+u
n3Y8Csw9wwY/IEo/HlJdQ7v4Kn49ugBgtE/a8KZWniC7LtdWlrPBom433d9FGOz7
plyKz9dMH0bAvRxFY3S+wLKjp9yoiMzsFDB2oNHDOWjcV++lAZc82g4++NbOz3m4
fFVdpb6vrqmIYFmTPRL5cBNMs3ZqZFQKemJSg8lIhZD5G11gCRcFuNhSkfijwoVA
hR7HM9uf1bQ4Dqy6SF8S
=zgY9
-----END PGP SIGNATURE-----
News for package openssl
