1
openssl (1.0.0e-2ubuntu1) oneiric; urgency=low
3
* Resynchronise with Debian, fixes CVE-2011-1945, CVE-2011-3207 and
4
CVE-2011-3210 (LP: #850608). Remaining changes:
5
- debian/libssl1.0.0.postinst:
6
+ Display a system restart required notification bubble on libssl1.0.0
8
+ Use a different priority for libssl1.0.0/restart-services depending
9
on whether a desktop, or server dist-upgrade is being performed.
10
- debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
11
libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
13
- debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
14
rules}: Move runtime libraries to /lib, for the benefit of
16
- debian/patches/aesni.patch: Backport Intel AES-NI support, now from
17
http://rt.openssl.org/Ticket/Display.html?id=2065 rather than the
19
- debian/patches/Bsymbolic-functions.patch: Link using
21
- debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
24
+ Don't run 'make test' when cross-building.
25
+ Use host compiler when cross-building. Patch from Neil Williams.
26
+ Don't build for processors no longer supported: i486, i586 (on
28
+ Fix Makefile to properly clean up libs/ dirs in clean target.
29
+ Replace duplicate files in the doc directory with symlinks.
30
* debian/libssl1.0.0.postinst: only display restart notification on
33
-- Steve Beattie <sbeattie@ubuntu.com> Wed, 14 Sep 2011 22:06:03 -0700
35
openssl (1.0.0e-2) unstable; urgency=low
37
* Add a missing $(DEB_HOST_MULTIARCH)
39
-- Kurt Roeckx <kurt@roeckx.be> Sat, 10 Sep 2011 17:02:29 +0200
41
openssl (1.0.0e-1) unstable; urgency=low
43
* New upstream version
44
- Fix bug where CRLs with nextUpdate in the past are sometimes accepted
45
by initialising X509_STORE_CTX properly. (CVE-2011-3207)
46
- Fix SSL memory handling for (EC)DH ciphersuites, in particular
47
for multi-threaded use of ECDH. (CVE-2011-3210)
48
- Add protection against ECDSA timing attacks (CVE-2011-1945)
49
* Block DigiNotar certifiates. Patch from
50
Raphael Geissert <geissert@debian.org>
51
* Generate hashes for all certs in a file (Closes: #628780, #594524)
52
Patch from Klaus Ethgen <Klaus@Ethgen.de>
53
* Add multiarch support (Closs: #638137)
54
Patch from Steve Langasek / Ubuntu
55
* Symbols from the gost engine were removed because it didn't have
56
a linker file. Thanks to Roman I Khimov <khimov@altell.ru>
58
* Add support for s390x. Patch from Aurelien Jarno <aurel32@debian.org>
60
* Add build-arch and build-indep targets to the rules file.
62
-- Kurt Roeckx <kurt@roeckx.be> Sat, 10 Sep 2011 12:03:13 +0200
64
openssl (1.0.0d-3) unstable; urgency=low
66
* Make it build on sparc64. Patch from Aurelien Jarno. (Closes: #626060)
67
* Apply patches from Scott Schaefer <saschaefer@neurodiverse.org> to
68
fix various pod and spelling errors. (Closes: #622820, #605561)
69
* Add missing symbols for the engines (Closes: #623038)
70
* More spelling fixes from Scott Schaefer (Closes: #395424)
71
* Patch from Scott Schaefer to better document pkcs12 password options
73
* Document dgst -hmac option. Patch by Thorsten Glaser <tg@mirbsd.de>
76
-- Kurt Roeckx <kurt@roeckx.be> Mon, 13 Jun 2011 12:39:54 +0200
1
78
openssl (1.0.0d-2ubuntu2) oneiric; urgency=low
3
80
* Build for multiarch. LP: #826601.