News for package openssl

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 3.0 (quilt)
Source: openssl
Binary: openssl, libssl1.0.0, libcrypto1.0.0-udeb, libssl-dev, libssl-doc, libssl1.0.0-dbg
Architecture: any all
Version: 1.0.1j-1
Maintainer: Debian OpenSSL Team <[email protected]>
Uploaders: Christoph Martin <[email protected]>, Kurt Roeckx <[email protected]>
Standards-Version: 3.9.5
Vcs-Browser: http://anonscm.debian.org/viewvc/pkg-openssl/openssl
Vcs-Svn: svn://anonscm.debian.org/pkg-openssl/openssl/
Build-Depends: debhelper (>= 9), m4, bc, dpkg-dev (>= 1.15.7)
Package-List:
 libcrypto1.0.0-udeb udeb debian-installer optional arch=any
 libssl-dev deb libdevel optional arch=any
 libssl-doc deb doc optional arch=all
 libssl1.0.0 deb libs important arch=any
 libssl1.0.0-dbg deb debug extra arch=any
 openssl deb utils optional arch=any
Checksums-Sha1:
 cff86857507624f0ad42d922bb6f77c4f1c2b819 4432964 openssl_1.0.1j.orig.tar.gz
 48abefd3d2e359696b241f4d2d2ff4d806438fa8 87356 openssl_1.0.1j-1.debian.tar.xz
Checksums-Sha256:
 1b60ca8789ba6f03e8ef20da2293b8dc131c39d83814e775069f02d26354edf3 4432964 openssl_1.0.1j.orig.tar.gz
 9c2d001144dc2ea301d0deed6b41c8f893d17774c31de3c5ba7ba9272a7318ff 87356 openssl_1.0.1j-1.debian.tar.xz
Files:
 f7175c9cd3c39bb1907ac8bba9df8ed3 4432964 openssl_1.0.1j.orig.tar.gz
 b9c10d35197b07e2d42ed06fbc438a96 87356 openssl_1.0.1j-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJUPrSBAAoJEKGfLDAaVSLdN+MP/R8XELnjEMic1g11sKE2v4Hm
ER4HtlT/UaY5IHa0Jj14HYeSUB07MMG4fqxCsasc0PH685xcd+HHTafl95nKfUYV
6/e4Cetkn2ZAhgjpQVoPO4iGwZbviymI45TctZ5ljX1ZKzJB8PsJ1hM2mY/x9Xj+
q4Glr/LAwvhU6YaTdAXo/rUozkVji+j57kpMg/2jA1P1k00+Yr8Um9qhrnEtuqA3
R35e1s0BViaLl4e66U3yw1IQ0aDrqPM5xWbx35kQH93JtrpbJEntD3EXKSedv2eB
5h6tp4yxgwSDM6ESGqfdBa1Cs2LBgjHgUkUUXtlDhpVeX57GZh71+7F/C6yKRsDi
kAmXte57ABsw33yUU44BtxPg1HxUExl5Ns2hCCZV1mzwDpxRBd1xS84mgv0Evihp
mXQl+G7ZymU5GVmGw9jZV1Zf7Eb/XnG9b7b8eT02yaslrBbD1I7WPdZgPyHpnp/U
3L7h221Fqd/oJAo6zoeyXu16xNo4hIeoqpJ7R424M8JRAAjcCEwjlUo6qIPFupOf
L+UTbQWWbM5gLpHqwD3WjB4QJ2a5yOP8wuzlniUZBFKEe5LDbUjALVKfWHXWs2dl
MVSjFt+u3CwD0TiUxpzVXEIdQoFpCZl+BEyVlD6HP3TBQgLiZooK523KvWf/ANcM
mOoj7E7JPtxw4468nXzR
=jy3t
-----END PGP SIGNATURE-----

Changes:
openssl (1.0.1j-1) unstable; urgency=high

  * New upstream release
    - Fixes CVE-2014-3513
    - Fixes CVE-2014-3567
    - Add Fallback SCSV support to mitigate CVE-2014-3566
    - Fixes CVE-2014-3568
  * Disables SSLv3 because of CVE-2014-3566
  * Update dgst_hmac.patch to apply to new upstream version
  * Drop rehash_pod.patch, applied upstream
  * Fix openssl_fix_for_x32.patch to apply to new upstream version

 -- Kurt Roeckx <[email protected]>  Wed, 15 Oct 2014 19:06:38 +0200