[ubuntu/cosmic-proposed] openssl 1.1.0h-4ubuntu1 (Accepted)

Gianfranco Costamagna locutusofborg at debian.org
Mon Aug 27 06:14:14 UTC 2018


openssl (1.1.0h-4ubuntu1) cosmic; urgency=medium

  * Merge from Debian unstable, remaining changes:
    - Replace duplicate files in the doc directory with symlinks.
    - debian/libssl1.1.postinst:
      + Display a system restart required notification on libssl1.1
        upgrade on servers.
      + Use a different priority for libssl1.1/restart-services depending
        on whether a desktop, or server dist-upgrade is being performed.
    - s390x: Add support for CPACF enhancements to openssl, for IBM z14.
    - grab fixes for CVE-2018-0495 and CVE-2018-0732

openssl (1.1.0h-4) unstable; urgency=medium

  * Build the binary in indep mode again, so we can install the documentation
    again.
  * Drop @echo in flavour so it builds again on Alpha
  * Add a 25-test_verify.t for autopkgtest which runs against intalled
    openssl binary.

openssl (1.1.0h-3) unstable; urgency=medium

  * Drop afalgeng on kfreebsd-* which go enabled because they inherit from
    the linux target.
  * Fix regression with session cache use by clients (See: #895035).
  * openssl rehash: exit 0 on warnings, same as c_rehash (See: #895473 and
    #895482).
  * Fix debian-rules-sets-dpkg-architecture-variable.
  * Let VCS-* point to salsa.d.o.
  * Don't build the binary package in binary-indep mode.
  * Update to policy 4.1.4
    - only Suggest: libssl-doc instead Recommends (only documentation and
      example code is shipped).
    - drop Priority: important.
    - use signing-key.asc and a https links for downloads
  * Use compat 11.
    - this moves the examples to /usr/share/doc/libssl-{doc->dev}/demos but it
      seems to make sense.
  * Fix CVE-2018-0737 (Closes: #895844).

openssl (1.1.0h-2) unstable; urgency=high

  * Revert "only quote stuff that actually needs quoting" so c_rehash has the
    quotes again (Closes: #894282).

openssl (1.1.0h-1) unstable; urgency=medium

  * Abort the build if symbols are discovered which are not part of the
    symbols file.
  * Add config support for MIPS R6, patch by YunQiang Su (Closes: #882007).
  * Enable afalgeng on Linux targets (Closes: #888305)
  * Add riscv64 target (Closes: #891797).
  * New upstream release 1.1.0h
    - Drop applied patches:
       aes-asm-aes-armv4-bsaes-armv7-.pl-make-it-work-with-binut.patch
    - Update symbols file.
    - Fix CVE-2017-3738 (rsaz_1024_mul_avx2 overflow bug on x86_64)
    - Fix CVE-2018-0733 (Incorrect CRYPTO_memcmp on HP-UX PA-RISC)
    - Fix CVE-2018-0739 (Constructed ASN.1 types with a recursive definition
          could exceed the stack)
  * Correct lhash typo in header file (Closes: #892276).

Date: Sun, 26 Aug 2018 19:31:06 +0200
Changed-By: Gianfranco Costamagna <locutusofborg at debian.org>
Maintainer: Debian OpenSSL Team <pkg-openssl-devel at lists.alioth.debian.org>
https://launchpad.net/ubuntu/+source/openssl/1.1.0h-4ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 26 Aug 2018 19:31:06 +0200
Source: openssl
Binary: openssl libssl1.1 libcrypto1.1-udeb libssl1.1-udeb libssl-dev libssl-doc
Architecture: source
Version: 1.1.0h-4ubuntu1
Distribution: cosmic
Urgency: high
Maintainer: Debian OpenSSL Team <pkg-openssl-devel at lists.alioth.debian.org>
Changed-By: Gianfranco Costamagna <locutusofborg at debian.org>
Description:
 libcrypto1.1-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl-doc - Secure Sockets Layer toolkit - development documentation
 libssl1.1  - Secure Sockets Layer toolkit - shared libraries
 libssl1.1-udeb - ssl shared library - udeb (udeb)
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
Closes: 882007 888305 891797 892276 894282 895844
Changes:
 openssl (1.1.0h-4ubuntu1) cosmic; urgency=medium
 .
   * Merge from Debian unstable, remaining changes:
     - Replace duplicate files in the doc directory with symlinks.
     - debian/libssl1.1.postinst:
       + Display a system restart required notification on libssl1.1
         upgrade on servers.
       + Use a different priority for libssl1.1/restart-services depending
         on whether a desktop, or server dist-upgrade is being performed.
     - s390x: Add support for CPACF enhancements to openssl, for IBM z14.
     - grab fixes for CVE-2018-0495 and CVE-2018-0732
 .
 openssl (1.1.0h-4) unstable; urgency=medium
 .
   * Build the binary in indep mode again, so we can install the documentation
     again.
   * Drop @echo in flavour so it builds again on Alpha
   * Add a 25-test_verify.t for autopkgtest which runs against intalled
     openssl binary.
 .
 openssl (1.1.0h-3) unstable; urgency=medium
 .
   * Drop afalgeng on kfreebsd-* which go enabled because they inherit from
     the linux target.
   * Fix regression with session cache use by clients (See: #895035).
   * openssl rehash: exit 0 on warnings, same as c_rehash (See: #895473 and
     #895482).
   * Fix debian-rules-sets-dpkg-architecture-variable.
   * Let VCS-* point to salsa.d.o.
   * Don't build the binary package in binary-indep mode.
   * Update to policy 4.1.4
     - only Suggest: libssl-doc instead Recommends (only documentation and
       example code is shipped).
     - drop Priority: important.
     - use signing-key.asc and a https links for downloads
   * Use compat 11.
     - this moves the examples to /usr/share/doc/libssl-{doc->dev}/demos but it
       seems to make sense.
   * Fix CVE-2018-0737 (Closes: #895844).
 .
 openssl (1.1.0h-2) unstable; urgency=high
 .
   * Revert "only quote stuff that actually needs quoting" so c_rehash has the
     quotes again (Closes: #894282).
 .
 openssl (1.1.0h-1) unstable; urgency=medium
 .
   * Abort the build if symbols are discovered which are not part of the
     symbols file.
   * Add config support for MIPS R6, patch by YunQiang Su (Closes: #882007).
   * Enable afalgeng on Linux targets (Closes: #888305)
   * Add riscv64 target (Closes: #891797).
   * New upstream release 1.1.0h
     - Drop applied patches:
        aes-asm-aes-armv4-bsaes-armv7-.pl-make-it-work-with-binut.patch
     - Update symbols file.
     - Fix CVE-2017-3738 (rsaz_1024_mul_avx2 overflow bug on x86_64)
     - Fix CVE-2018-0733 (Incorrect CRYPTO_memcmp on HP-UX PA-RISC)
     - Fix CVE-2018-0739 (Constructed ASN.1 types with a recursive definition
           could exceed the stack)
   * Correct lhash typo in header file (Closes: #892276).
Checksums-Sha1:
 72bba1ab07e0d46505464d0d99efa302a0520deb 2642 openssl_1.1.0h-4ubuntu1.dsc
 0fc39f6aa91b6e7f4d05018f7c5e991e1d2491fd 5422717 openssl_1.1.0h.orig.tar.gz
 2b80ae81e7a155b5872d07e3596527eb8eba2658 455 openssl_1.1.0h.orig.tar.gz.asc
 447b6bbdafd1b230ed7c996598da6f28619a168b 97968 openssl_1.1.0h-4ubuntu1.debian.tar.xz
 c856058f97a7d12a0bfc0331220906607e9bbdc6 6186 openssl_1.1.0h-4ubuntu1_source.buildinfo
Checksums-Sha256:
 f894f5230c81ba7ffa69c662f6a1c88fa9b42472e3382efdea66ef744aebe3da 2642 openssl_1.1.0h-4ubuntu1.dsc
 5835626cde9e99656585fc7aaa2302a73a7e1340bf8c14fd635a62c66802a517 5422717 openssl_1.1.0h.orig.tar.gz
 5d01aeb02958dcf6e7d4a82d2ca61e9cbe5fd3b32c2bcad150469e29fbbfdccf 455 openssl_1.1.0h.orig.tar.gz.asc
 aae00655e99fd56ef15835531715765597e53366f683eefc2281dc0357a8bb6e 97968 openssl_1.1.0h-4ubuntu1.debian.tar.xz
 ece3a53ee38ccdf04b5b5bd6faf79cc2ce57a23e387853930058bf5c0c8a89f4 6186 openssl_1.1.0h-4ubuntu1_source.buildinfo
Files:
 fb0a1ec29db5473a2cf63e69dd9d59f9 2642 utils optional openssl_1.1.0h-4ubuntu1.dsc
 5271477e4d93f4ea032b665ef095ff24 5422717 utils optional openssl_1.1.0h.orig.tar.gz
 b0da895817d1fb02c20035a205dbb86e 455 utils optional openssl_1.1.0h.orig.tar.gz.asc
 4d17344e7e85b378744ba44d4c808f73 97968 utils optional openssl_1.1.0h-4ubuntu1.debian.tar.xz
 4f4a192c241c0e4166bbfa23940351e1 6186 utils optional openssl_1.1.0h-4ubuntu1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEkpeKbhleSSGCX3/w808JdE6fXdkFAluC6KQACgkQ808JdE6f
XdmPJRAAzVxNd8zHVQwu+J6vNttkSdqnYD8Ppxm+rrWQC8QpojzbEAKR4dmRgPoy
0CpyfwGarZ0zlEsG+nVuRF1ClI4tl205joer6ZPteYkIcLPtLv2wQxxMPm6PNeQk
gwQee2IlsQouhm0lDADxNjQnmS/nNgelqUyASm5jj0GCAPeqN6rXUuIKbmliMxX4
i+qZYCLHZll/n0bzNgPNJu6YnQoeHNPFn0x5cRdIndaSiUtHB+FPGBSqoKEZXsSW
Rn7ndmoyWoRMZmqQEJG2cpIpw8lGQdrQb3lDkWNVwu1lKsxRSoIpOvfAp7vRtPU8
3r7tn1zkJ/YHwx/8XvJ7kB446m3XF7Z64uSHaMrPbaKVndMfnbnbxVNa8HqjNvd9
13LYTPfrstyvnwmS6EpsjALaUPA+NtDKA7N84y35ZApOGUTkTvBEXNQDuSH9bmLC
5RVLUIP0b2YGvTnoMT0rc3+nd41YQ0ywA8DZigbrc0ayipwWZZws3JOjyMFtT0mA
bvioT6U6QtROWOgLgJ3xENlPa6AQfYKvDknyZFhn0ddtVfGrURL9Nb2ffPRevMzX
01GoHayvQD2R2ogJxi3dUHh4XPcUoI+FTxcJN66mKEokjAWBbEPZrrgIgNDEaEKb
VuZwlt3//ti/KuLMZ3M29sUJUSq2AEAt/vR94BICn01A5DwJK+c=
=M1Tp
-----END PGP SIGNATURE-----


More information about the Cosmic-changes mailing list