-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 3.0 (quilt) Source: openssl Binary: openssl, libssl1.0.0, libcrypto1.0.0-udeb, libssl-dev, libssl-doc, libssl1.0.0-dbg Architecture: any all Version: 1.0.1j-1 Maintainer: Debian OpenSSL Team <[email protected]> Uploaders: Christoph Martin <[email protected]>, Kurt Roeckx <[email protected]> Standards-Version: 3.9.5 Vcs-Browser: http://anonscm.debian.org/viewvc/pkg-openssl/openssl Vcs-Svn: svn://anonscm.debian.org/pkg-openssl/openssl/ Build-Depends: debhelper (>= 9), m4, bc, dpkg-dev (>= 1.15.7) Package-List: libcrypto1.0.0-udeb udeb debian-installer optional arch=any libssl-dev deb libdevel optional arch=any libssl-doc deb doc optional arch=all libssl1.0.0 deb libs important arch=any libssl1.0.0-dbg deb debug extra arch=any openssl deb utils optional arch=any Checksums-Sha1: cff86857507624f0ad42d922bb6f77c4f1c2b819 4432964 openssl_1.0.1j.orig.tar.gz 48abefd3d2e359696b241f4d2d2ff4d806438fa8 87356 openssl_1.0.1j-1.debian.tar.xz Checksums-Sha256: 1b60ca8789ba6f03e8ef20da2293b8dc131c39d83814e775069f02d26354edf3 4432964 openssl_1.0.1j.orig.tar.gz 9c2d001144dc2ea301d0deed6b41c8f893d17774c31de3c5ba7ba9272a7318ff 87356 openssl_1.0.1j-1.debian.tar.xz Files: f7175c9cd3c39bb1907ac8bba9df8ed3 4432964 openssl_1.0.1j.orig.tar.gz b9c10d35197b07e2d42ed06fbc438a96 87356 openssl_1.0.1j-1.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJUPrSBAAoJEKGfLDAaVSLdN+MP/R8XELnjEMic1g11sKE2v4Hm ER4HtlT/UaY5IHa0Jj14HYeSUB07MMG4fqxCsasc0PH685xcd+HHTafl95nKfUYV 6/e4Cetkn2ZAhgjpQVoPO4iGwZbviymI45TctZ5ljX1ZKzJB8PsJ1hM2mY/x9Xj+ q4Glr/LAwvhU6YaTdAXo/rUozkVji+j57kpMg/2jA1P1k00+Yr8Um9qhrnEtuqA3 R35e1s0BViaLl4e66U3yw1IQ0aDrqPM5xWbx35kQH93JtrpbJEntD3EXKSedv2eB 5h6tp4yxgwSDM6ESGqfdBa1Cs2LBgjHgUkUUXtlDhpVeX57GZh71+7F/C6yKRsDi kAmXte57ABsw33yUU44BtxPg1HxUExl5Ns2hCCZV1mzwDpxRBd1xS84mgv0Evihp mXQl+G7ZymU5GVmGw9jZV1Zf7Eb/XnG9b7b8eT02yaslrBbD1I7WPdZgPyHpnp/U 3L7h221Fqd/oJAo6zoeyXu16xNo4hIeoqpJ7R424M8JRAAjcCEwjlUo6qIPFupOf L+UTbQWWbM5gLpHqwD3WjB4QJ2a5yOP8wuzlniUZBFKEe5LDbUjALVKfWHXWs2dl MVSjFt+u3CwD0TiUxpzVXEIdQoFpCZl+BEyVlD6HP3TBQgLiZooK523KvWf/ANcM mOoj7E7JPtxw4468nXzR =jy3t -----END PGP SIGNATURE----- Changes: openssl (1.0.1j-1) unstable; urgency=high * New upstream release - Fixes CVE-2014-3513 - Fixes CVE-2014-3567 - Add Fallback SCSV support to mitigate CVE-2014-3566 - Fixes CVE-2014-3568 * Disables SSLv3 because of CVE-2014-3566 * Update dgst_hmac.patch to apply to new upstream version * Drop rehash_pod.patch, applied upstream * Fix openssl_fix_for_x32.patch to apply to new upstream version -- Kurt Roeckx <[email protected]> Wed, 15 Oct 2014 19:06:38 +0200