openssl (1.0.2g-1ubuntu1) xenial; urgency=medium * Merge with Debian, remaining changes. - Disable SSLv3 without changing ABI: + debian/patches/no-sslv3.patch: Disable SSLv3 without using the no-ssl3-method option + debian/rules: don't use no-ssl3-method, don't bump soname + debian/patches/engines-path.patch: don't bump soname + debian/patches/version-script.patch: don't bump soname + debian/patches/soname.patch: removed + debian/lib*: don't bump soname - debian/control: don't enable rfc3779 and cms support for now as it changes ABI. - debian/libssl1.0.0.postinst: + Display a system restart required notification on libssl1.0.0 upgrade on servers. + Use a different priority for libssl1.0.0/restart-services depending on whether a desktop, or server dist-upgrade is being performed. - debian/{libssl1.0.0-udeb.dirs, control, rules}: Create libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package in Debian). - debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files, rules}: Move runtime libraries to /lib, for the benefit of wpasupplicant. - debian/patches/perlpath-quilt.patch: Don't change perl #! paths under .pc. - debian/rules: + Don't run 'make test' when cross-building. + Use host compiler when cross-building. Patch from Neil Williams. + Don't build for processors no longer supported: i586 (on i386) + Fix Makefile to properly clean up libs/ dirs in clean target. + Replace duplicate files in the doc directory with symlinks. - debian/control: Mark Debian Vcs-* as XS-Debian-Vcs-* - debian/rules: Enable optimized 64bit elliptic curve code contributed by Google.
openssl (1.0.2g-1) unstable; urgency=high * New upstream version * Fix CVE-2016-0797 * Fix CVE-2016-0798 * Fix CVE-2016-0799 * Fix CVE-2016-0702 * Fix CVE-2016-0705 * Disable EXPORT and LOW ciphers: The DROWN attack (CVE-2016-0800) makes use of those, and SLOTH attack (CVE-2015-7575) can make use of them too. Date: Tue, 01 Mar 2016 14:09:30 -0500 Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com> Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com> https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 01 Mar 2016 14:09:30 -0500 Source: openssl Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg Architecture: source Version: 1.0.2g-1ubuntu1 Distribution: xenial Urgency: high Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com> Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com> Description: libcrypto1.0.0-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb) libssl-dev - Secure Sockets Layer toolkit - development files libssl-doc - Secure Sockets Layer toolkit - development documentation libssl1.0.0 - Secure Sockets Layer toolkit - shared libraries libssl1.0.0-dbg - Secure Sockets Layer toolkit - debug information libssl1.0.0-udeb - ssl shared library - udeb (udeb) openssl - Secure Sockets Layer toolkit - cryptographic utility Changes: openssl (1.0.2g-1ubuntu1) xenial; urgency=medium . * Merge with Debian, remaining changes. - Disable SSLv3 without changing ABI: + debian/patches/no-sslv3.patch: Disable SSLv3 without using the no-ssl3-method option + debian/rules: don't use no-ssl3-method, don't bump soname + debian/patches/engines-path.patch: don't bump soname + debian/patches/version-script.patch: don't bump soname + debian/patches/soname.patch: removed + debian/lib*: don't bump soname - debian/control: don't enable rfc3779 and cms support for now as it changes ABI. - debian/libssl1.0.0.postinst: + Display a system restart required notification on libssl1.0.0 upgrade on servers. + Use a different priority for libssl1.0.0/restart-services depending on whether a desktop, or server dist-upgrade is being performed. - debian/{libssl1.0.0-udeb.dirs, control, rules}: Create libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package in Debian). - debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files, rules}: Move runtime libraries to /lib, for the benefit of wpasupplicant. - debian/patches/perlpath-quilt.patch: Don't change perl #! paths under .pc. - debian/rules: + Don't run 'make test' when cross-building. + Use host compiler when cross-building. Patch from Neil Williams. + Don't build for processors no longer supported: i586 (on i386) + Fix Makefile to properly clean up libs/ dirs in clean target. + Replace duplicate files in the doc directory with symlinks. - debian/control: Mark Debian Vcs-* as XS-Debian-Vcs-* - debian/rules: Enable optimized 64bit elliptic curve code contributed by Google. . openssl (1.0.2g-1) unstable; urgency=high . * New upstream version * Fix CVE-2016-0797 * Fix CVE-2016-0798 * Fix CVE-2016-0799 * Fix CVE-2016-0702 * Fix CVE-2016-0705 * Disable EXPORT and LOW ciphers: The DROWN attack (CVE-2016-0800) makes use of those, and SLOTH attack (CVE-2015-7575) can make use of them too. Checksums-Sha1: 6d4d72c8a4d1aff727750f1b392c84d89f6effd8 2424 openssl_1.0.2g-1ubuntu1.dsc 36af23887402a5ea4ebef91df8e61654906f58f2 5266102 openssl_1.0.2g.orig.tar.gz 349187a7e9f29b1843e44a03f8421c9aaf88934e 86748 openssl_1.0.2g-1ubuntu1.debian.tar.xz Checksums-Sha256: ec505a252b0b85e2c09d42684f073dc4236671c69ef51b3e7ce2173d4e4f7fd4 2424 openssl_1.0.2g-1ubuntu1.dsc b784b1b3907ce39abf4098702dade6365522a253ad1552e267a9a0e89594aa33 5266102 openssl_1.0.2g.orig.tar.gz cff2bed81d04e1d8c3dd95587fc3d70afbbbebeb8d4d887427ddabf48fc0ab02 86748 openssl_1.0.2g-1ubuntu1.debian.tar.xz Files: ede22954a36a755ca302ca37c4bba97e 2424 utils optional openssl_1.0.2g-1ubuntu1.dsc f3c710c045cdee5fd114feb69feba7aa 5266102 utils optional openssl_1.0.2g.orig.tar.gz 8e3f4ca7ca3a853fb520d0da18f64235 86748 utils optional openssl_1.0.2g-1ubuntu1.debian.tar.xz Original-Maintainer: Debian OpenSSL Team <pkg-openssl-de...@lists.alioth.debian.org> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJW1fRhAAoJEGVp2FWnRL6TOWgP/2ylzJA1s0uNOOuFDgspSq2k ehRJKJEuwwtVWA7vQf03kpoBSKWHwUuuVBpsi2ih1bSn8GfPCBFaRqgXSnsHlAet bEoYnrzfCBqRmRa5d8o4S7DwSb8DUQYhwo5KW2cUHWE4dYeif21BZ8pXnphDgFHy Vir5AMScRIhetGuldbFbqyOL0kQqUTBpGGZ5sVna7hp3CrZW47TKbc+4F5dmahbS GYKMRk28wOH8j+U9KGn8ikLrJZ8WixBIc+y0VVmeHrtnQW7uFrfOK2kwihN1iPoT WLKytOt0HC5sw5o/99JdoSBTw+xYtMuPlUdD0h17uAP0jhUhCTy6ge4VpQPV2VX6 Cgv4NKkXqIp9zpESxF3IsGxuuUdR73/L7sDeyssK7nzU9sLMtamdiHbq5Afj8xqP a8RJZnMsOYLiy4MnDQvy56zKAYChyiO4PoZFx9LxBECUlkTYrGF5RirWE4r+0khd l+q9n4P/vSZ6b9w5PjmwGemxFHcSO6tHkENeKIOCbFSN8Gjc34pYb/JfJsxkmU/w FNQrFKBjpohFkCi28wUShMvgAsc3CM/LOnQnMqxfHW7iAwbD/lLfh9sMh3icHUmn 6j2EOSXfzAtaf8Qng7at038gHhCmT6qb2uqK8PObcJYA3OVpMScp4/OkWYQViaL1 owNgvwqGk5KO+XkDl0xz =655S -----END PGP SIGNATURE-----
-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes