[ubuntu/lucid-security] openssl_0.9.8k-7ubuntu8.6_i386_translations.tar.gz, openssl_0.9.8k-7ubuntu8.6_ia64_translations.tar.gz, openssl_0.9.8k-7ubuntu8.6_powerpc_translations.tar.gz, openssl_0.9.8k-7ubuntu8.6_armel_translations.tar.gz, openssl, openssl_0.9.8k-7ubuntu8.6_amd64_translations.tar.gz, openssl_0.9.8k-7ubuntu8.6_sparc_translations.tar.gz (delayed) 0.9.8k-7ubuntu8.6 (Accepted)

Ubuntu Installer archive at ubuntu.com
Tue Feb 15 20:09:50 UTC 2011 

openssl (0.9.8k-7ubuntu8.6) lucid-security; urgency=low

  * SECURITY UPDATE: OCSP stapling vulnerability
    - debian/patched/openssl-CVE-2011-0014-secadv_20110208.patch:
      stricter parsing of ClientHello message in ssl/t1_lib.c
    - CVE-2011-0014
  * Forward TLS version interop patch
    - debian/patches/openssl-forward-interop.patch
    - Handle TLS versions 2.0 and later properly and correctly use
      the highest version of TLS/SSL supported. Although TLS >=
      2.0 is some way off ancient servers have a habit of sticking
      around for a while...
      [Steve Henson]

Date: Wed, 09 Feb 2011 16:47:44 -0800
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/openssl/0.9.8k-7ubuntu8.6
-------------- next part --------------
Format: 1.8
Date: Wed, 09 Feb 2011 16:47:44 -0800
Source: openssl
Binary: openssl openssl-doc libssl0.9.8 libcrypto0.9.8-udeb libssl0.9.8-udeb libssl-dev libssl0.9.8-dbg
Architecture: source
Version: 0.9.8k-7ubuntu8.6
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description: 
 libcrypto0.9.8-udeb - crypto shared library - udeb (udeb)
 libssl-dev - SSL development libraries, header files and documentation
 libssl0.9.8 - SSL shared libraries
 libssl0.9.8-dbg - Symbol tables for libssl and libcrypto
 libssl0.9.8-udeb - ssl shared library - udeb (udeb)
 openssl    - Secure Socket Layer (SSL) binary and related cryptographic tools
 openssl-doc - Secure Socket Layer (SSL) documentation
Changes: 
 openssl (0.9.8k-7ubuntu8.6) lucid-security; urgency=low
 .
   * SECURITY UPDATE: OCSP stapling vulnerability
     - debian/patched/openssl-CVE-2011-0014-secadv_20110208.patch:
       stricter parsing of ClientHello message in ssl/t1_lib.c
     - CVE-2011-0014
   * Forward TLS version interop patch
     - debian/patches/openssl-forward-interop.patch
     - Handle TLS versions 2.0 and later properly and correctly use
       the highest version of TLS/SSL supported. Although TLS >=
       2.0 is some way off ancient servers have a habit of sticking
       around for a while...
       [Steve Henson]
Checksums-Sha1: 
 b3f064b99416d789caad144ee7dc2dd5d4922be6 2097 openssl_0.9.8k-7ubuntu8.6.dsc
 eeaf5f86572724dc772fca5c2623bdf451b991b6 113947 openssl_0.9.8k-7ubuntu8.6.diff.gz
Checksums-Sha256: 
 3fef69b76674107664f0c74a95c073ecb44952caecaf853c3a01c5c7cfda38bc 2097 openssl_0.9.8k-7ubuntu8.6.dsc
 7ab4b64668265ee6814278ac176c39117a6f10cfcf9dfa57f6ce82568ac2f247 113947 openssl_0.9.8k-7ubuntu8.6.diff.gz
Files: 
 a9aee866b987128cbb53018bb4c3e076 2097 utils optional openssl_0.9.8k-7ubuntu8.6.dsc
 666d4d39c8d15495574b3e8cde84d14b 113947 utils optional openssl_0.9.8k-7ubuntu8.6.diff.gz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel at lists.alioth.debian.org>

More information about the Lucid-changes mailing list