Back to openssl1.0 PTS page

Accepted openssl1.0 1.0.2q-1 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted openssl1.0 1.0.2q-1 (source) into unstable
From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Date: Thu, 22 Nov 2018 23:05:56 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1gPy2m-000BeK-Fu@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 22 Nov 2018 22:06:24 +0100
Source: openssl1.0
Binary: libssl1.0.2 libssl1.0-dev libcrypto1.0.2-udeb libssl1.0.2-udeb
Architecture: source
Version: 1.0.2q-1
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
Changed-By: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Description:
 libcrypto1.0.2-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl1.0-dev - Secure Sockets Layer toolkit - development files
 libssl1.0.2 - Secure Sockets Layer toolkit - shared libraries
 libssl1.0.2-udeb - ssl shared library - udeb (udeb)
Closes: 891799 895845
Changes:
 openssl1.0 (1.0.2q-1) unstable; urgency=medium
 .
   * Correct typo in the riscv64 target (Closes: #891799).
   * Update to policy 4.1.4
     - drop Priority: important.
     - use signing-key.asc and a https links for downloads.
     - point the VCS-* to salsa.
   * Import upstream version 1.0.2q
     - CVE-2018-5407 (Microarchitecture timing vulnerability in ECC scalar
       multiplication)
     - CVE-2018-0734 (Timing vulnerability in DSA signature generation)
     - CVE-2018-0732 (Client DoS due to large DH parameter)
     - CVE-2018-0737 (Cache timing vulnerability in RSA Key Generation)
       (Closes: #895845)
Checksums-Sha1:
 3e17e370152422f0d3d486dd525ef4e6dc349fbd 2514 openssl1.0_1.0.2q-1.dsc
 692f5f2f1b114f8adaadaa3e7be8cce1907f38c5 5345604 openssl1.0_1.0.2q.orig.tar.gz
 52c2f46fe1d9f4edd6421357e5d1d6212dabcef4 488 openssl1.0_1.0.2q.orig.tar.gz.asc
 73eafa0d89c2d9680185732beb656635c65e026d 94732 openssl1.0_1.0.2q-1.debian.tar.xz
 b7aedb62505eb2ef60305664d3cbabe47beffcfd 6119 openssl1.0_1.0.2q-1_source.buildinfo
Checksums-Sha256:
 7e9cae7b49067f5ef6e26f81a1a3e202ca7e71f0ed1b257d0b452f11445968ca 2514 openssl1.0_1.0.2q-1.dsc
 5744cfcbcec2b1b48629f7354203bc1e5e9b5466998bbccc5b5fcde3b18eb684 5345604 openssl1.0_1.0.2q.orig.tar.gz
 d8a8e611cb1c46e167594a19aac7b9b56e070b7ec762659462ffa23183064cf0 488 openssl1.0_1.0.2q.orig.tar.gz.asc
 25e874dfb163e6b974e7e8d460e49bc07aa64a227c3ab6c1cc4ed7f7ad3188b6 94732 openssl1.0_1.0.2q-1.debian.tar.xz
 3b33789965d110c21122004dfa80abc07fc2948beb8adebcf32efdeb833c4c98 6119 openssl1.0_1.0.2q-1_source.buildinfo
Files:
 f1dd5589ba803fdfaa122e720d114050 2514 utils optional openssl1.0_1.0.2q-1.dsc
 7563e1ce046cb21948eeb6ba1a0eb71c 5345604 utils optional openssl1.0_1.0.2q.orig.tar.gz
 fe9271891371076e283ccd6bbd96f2f6 488 utils optional openssl1.0_1.0.2q.orig.tar.gz.asc
 7168a96f84a599b82518d2f83a22cedd 94732 utils optional openssl1.0_1.0.2q-1.debian.tar.xz
 c99ae6f0a736e73b5cdf68e1511098f0 6119 utils optional openssl1.0_1.0.2q-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEZCVGlf/wqkRmzBnme5boFiqM9dEFAlv3LtIACgkQe5boFiqM
9dFKCBAAnYkX0yhNx4dY8Nrf9sAP0uyiE+k/ptf6IsP2O811uO6R4BU2i2V77SGw
5snFgsE9RH2FBANeLVX9oI20x9EoxCOBuse88r5RM2oganAv+Wqz/cdnNr6xHu2l
K9K/xru2Ts/eyb9X2a/HKHhYi9fZuLvb28Ppo47SGm/DkyFitzNBbgCyIgXSKfsp
uy3zRGSPQIMkxzbcJHzrYxMF9qQLduRUnO+96x8hvnWxajKER06BYtzKfV8Be7Zj
ByvAFWWsJMNhPVZhyvoEmArQzZypaUu3V81X0HIuN/aL4ypPR2dIMTnlGsIfWe06
AXk7j9V3UXakQhDbdJLwWlhsRm4BdPKJVLbDHXz5gqjD1J8GiEaCQUx1ZAF4YR22
9izjI+VU29eCbH8qS2jPx2lYHa/BQKUVsIagB19w/JtiFJI9Dpr4cHaG0tl0e4gN
E+JjgSXshR5LD9yCMjBs3z3/XevLzAVdqsRR00Qy1GngNgCUJp9m1rhkPeg0JC6X
E1al0OVoOJxrHE+fqzx35iuDwDqi6jrU2CllWHAp8xx32+SvwPASkvOupDW5o+e4
4TnHyJ/fdrRV70E4yDW5/Uqbwoagsw1XvwJPz3GsJcOqPKO6QSfmhkRLSFxcTVUi
FlPH/Y2VB8087XxXxUW2UlIWiE5PZaF2AprgabYPjIyXyQATWQE=
=Z6IZ
-----END PGP SIGNATURE-----