Debian Package Tracker

general

source: openssl (main)
version: 1.1.0h-4
maintainer: Debian OpenSSL Team (archive) [DMD]
uploaders: Sebastian Andrzej Siewior [DMD] – Christoph Martin [DMD] – Kurt Roeckx [DMD]
arch: all any
std-ver: 4.1.4
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.0.1e-2+deb7u20
o-o-sec: 1.0.1t-1+deb7u4
oldstable: 1.0.1t-1+deb8u7
old-sec: 1.0.1t-1+deb8u8
old-bpo: 1.0.2l-1~bpo8+1
old-p-u: 1.0.1t-1+deb8u8
stable: 1.1.0f-3+deb9u1
stable-sec: 1.1.0f-3+deb9u2
stable-p-u: 1.1.0f-3+deb9u2
testing: 1.1.0h-4
unstable: 1.1.0h-4
exp: 1.1.1~~pre6-2

versioned links

1.0.1e-2+deb7u20: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.0.1t-1+deb7u4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.0.1t-1+deb8u7: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.0.1t-1+deb8u8: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.0.2l-1~bpo8+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.1.0f-3+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.1.0f-3+deb9u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.1.0g-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.1.0h-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.1.1~~pre6-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libcrypto1.1-udeb
libssl-dev
libssl-doc
libssl1.1
libssl1.1-udeb
openssl

action needed

The VCS repository is not up to date, consider pushing the missing commits. high

vcswatch reports that the current version of the package is not in its VCS.
Either you need to push your commits, or the information about the package's VCS are out of date. A common cause of the latter issue when using the Git VCS is not specifying the correct branch when the packaging is not in the default one (remote HEAD branch), which is usually "master" but can be modified in salsa.debian.org in the project's general settings with the "Default Branch" field). Alternatively the Vcs-Git field in debian/control can contain a "-b <branch-name>" suffix to indicate what branch is used for the Debian packaging.

Created: 2017-12-03 Last update: 2018-05-24 08:20

lintian reports 4 errors and 32 warnings high

Lintian reports 4 errors and 32 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2018-04-11 Last update: 2018-05-24 07:51

Does not build reproducibly during testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2018-05-24 Last update: 2018-05-25 08:18

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2018-04-12 Last update: 2018-05-25 07:41

RFH: The maintainer is looking for help with this package. normal

The current maintainer is looking for someone who can help with the maintenance of this package. If you are interested in this package, please consider helping out. One way you can help is offer to be a co-maintainer or triage bugs in the BTS. Please see bug number #332498 for more information.

Created: 2017-12-02 Last update: 2017-12-02 00:26

1 ignored security issue in jessie low

There is 1 open security issue in jessie.

1 issue skipped by the security teams:

CVE-2018-0737: The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).

Please fix it.

Created: 2018-04-16 Last update: 2018-05-25 08:04

1 ignored security issue in wheezy low

There is 1 open security issue in wheezy.

1 issue skipped by the security teams:

CVE-2018-0737: The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).

Please fix it.

Created: 2018-04-16 Last update: 2018-05-25 08:04

1 ignored security issue in stretch low

There is 1 open security issue in stretch.

1 issue skipped by the security teams:

CVE-2018-0737: The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).

Please fix it.

Created: 2018-04-16 Last update: 2018-05-25 08:04

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2017-10-26 Last update: 2017-10-26 07:22

news

[rss feed]

[2018-05-25] openssl 1.1.0h-4 MIGRATED to testing (Debian testing watch)
[2018-05-23] Accepted openssl 1.1.0h-4 (source) into unstable (Sebastian Andrzej Siewior)
[2018-05-23] openssl 1.1.0h-3 MIGRATED to testing (Debian testing watch)
[2018-05-18] Accepted openssl 1.1.0h-3 (source) into unstable (Sebastian Andrzej Siewior)
[2018-05-01] Accepted openssl 1.1.1~~pre6-2 (source) into experimental (Kurt Roeckx)
[2018-05-01] Accepted openssl 1.1.1~~pre6-1 (source) into experimental (Kurt Roeckx)
[2018-04-03] Accepted openssl 1.1.1~~pre4-1 (source) into experimental (Sebastian Andrzej Siewior)
[2018-03-30] Accepted openssl 1.0.1t-1+deb8u8 (source all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Sebastian Andrzej Siewior)
[2018-03-30] Accepted openssl 1.1.0f-3+deb9u2 (source) into proposed-updates->stable-new, proposed-updates (Sebastian Andrzej Siewior)
[2018-03-30] Accepted openssl 1.0.1t-1+deb7u4 (source all amd64) into oldoldstable (Antoine Beaupré)
[2018-03-30] Accepted openssl 1.0.1t-1+deb7u4 (source all amd64) into oldoldstable (Antoine Beaupré)
[2018-03-30] openssl 1.1.0h-2 MIGRATED to testing (Debian testing watch)
[2018-03-30] openssl 1.1.0h-2 MIGRATED to testing (Debian testing watch)
[2018-03-29] Accepted openssl 1.1.0f-3+deb9u2 (source) into stable->embargoed, stable (Sebastian Andrzej Siewior)
[2018-03-29] Accepted openssl 1.0.1t-1+deb8u8 (source all) into oldstable->embargoed, oldstable (Sebastian Andrzej Siewior)
[2018-03-28] Accepted openssl 1.1.0h-2 (source) into unstable (Sebastian Andrzej Siewior)
[2018-03-27] Accepted openssl 1.1.0h-1 (source) into unstable (Sebastian Andrzej Siewior)
[2018-03-20] Accepted openssl 1.1.1~~pre3-1 (source) into experimental (Sebastian Andrzej Siewior)
[2018-02-27] Accepted openssl 1.1.1~~pre2-1 (source) into experimental (Sebastian Andrzej Siewior)
[2018-02-25] Accepted openssl 1.1.1~~pre1-1 (source) into experimental (Sebastian Andrzej Siewior)
[2017-11-18] Accepted openssl 1.0.1t-1+deb8u7 (source all amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Kurt Roeckx)
[2017-11-12] Accepted openssl 1.1.0f-3+deb9u1 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Kurt Roeckx)
[2017-11-09] Accepted openssl 1.0.1t-1+deb7u3 (source all amd64) into oldoldstable (Kurt Roeckx) (signed by: Markus Koschany)
[2017-11-06] openssl 1.1.0g-2 MIGRATED to testing (Debian testing watch)
[2017-11-04] Accepted openssl 1.1.0g-2 (source) into unstable (Kurt Roeckx)
[2017-11-02] Accepted openssl 1.1.0g-1 (source) into unstable (Kurt Roeckx)
[2017-09-04] openssl 1.1.0f-5 MIGRATED to testing (Debian testing watch)
[2017-08-24] Accepted openssl 1.1.0f-5 (source) into unstable (Kurt Roeckx)
[2017-08-12] openssl 1.1.0f-4 MIGRATED to testing (Debian testing watch)
[2017-08-06] Accepted openssl 1.1.0f-4 (source) into unstable (Kurt Roeckx)

bugs [bug history graph]

all: 74
RC: 1
I&N: 43
M&W: 30
F&P: 0

links

homepage
lintian (4, 32)
buildd: logs, exp, checks, clang, reproducibility
popcon
debci
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.1.0g-2ubuntu4
103 bugs (7 patches)
patches for 1.1.0g-2ubuntu4