Merge openssl 0.9.8o-5 (main) from Debian unstable (main)

Would like to be sponsored by Kees Cook!

This update looks fine, but I'd like to take the opportunity to clean up the changelog information. There are a lot of Ubuntu deltas in this package, so I'd like to see the list of affected files for each logical change. This greatly helps people reviewing merges in the future. For example, instead of:

    - Replace duplicate files in the doc directory with symlinks.

Something like this would be more helpful:

    - debian/rules: replace duplicate files in the doc directory with symlinks.

Kees, debdiff refreshed.

Thanks, this looks great! I'll get it uploaded shortly.

This bug was fixed in the package openssl - 0.9.8o-5ubuntu1

---------------
openssl (0.9.8o-5ubuntu1) natty; urgency=low

  * Merge from debian unstable. Remaining changes: (LP: #718205)
    - d/libssl0.9.8.postinst:
      + Display a system restart required notification bubble
        on libssl0.9.8 upgrade.
      + Use a different priority for libssl0.9.8/restart-services
        depending on whether a desktop, or server dist-upgrade
        is being performed.
    - d/{libssl0.9.8-udeb.dirs, control, rules}: Create
      libssl0.9.8-udeb, for the benefit of wget-udeb (no wget-udeb
      package in Debian).
    - d/{libcrypto0.9.8-udeb.dirs, libssl0.9.8.dirs, libssl0.9.8.files,
      rules}: Move runtime libraries to /lib, for the benefit of wpasupplicant.
    - d/{control, openssl-doc.docs, openssl.docs, openssl.dirs}:
      + Ship documentation in openssl-doc, suggested by the package.
       (Closes: #470594)
    - d/p/aesni.patch: Backport Intel AES-NI support from
      http://rt.openssl.org/Ticket/Display.html?id=2067 (refreshed)
    - d/p/Bsymbolic-functions.patch: Link using -Bsymbolic-functions.
    - d/p/perlpath-quilt.patch: Don't change perl #! paths under .pc.
    - d/p/no-sslv2.patch: Disable SSLv2 to match NSS and GnuTLS.
      The protocol is unsafe and extremely deprecated. (Closes: #589706)
    - d/rules:
      + Disable SSLv2 during compile. (Closes: #589706)
      + Don't run 'make test' when cross-building.
      + Use host compiler when cross-building. Patch from Neil Williams.
        (Closes: #465248)
      + Don't build for processors no longer supported: i486, i586
        (on i386), v8 (on sparc).
      + Fix Makefile to properly clean up libs/ dirs in clean target.
        (Closes: #611667)
      + Replace duplicate files in the doc directory with symlinks.
  * This upload fixed CVE: (LP: #718208)
    - CVE-2011-0014

openssl (0.9.8o-5) unstable; urgency=low

  * Fix OCSP stapling parse error (CVE-2011-0014)
 -- Artur Rona <email address hidden> Sun, 13 Feb 2011 16:10:24 +0100