View Bazaar branches
Get this repository:
git clone https://git.launchpad.net/ubuntu/+source/openssl
Members of Ubuntu Server Dev import team can upload to this repository. Log in for directions.

Branches

Name Last Modified Last Commit
importer/debian/dsc 2018-10-29 04:50:52 UTC 2018-10-29
DSC file for 1.1.1-2

Author: Ubuntu Git Importer
Author Date: 2018-10-29 04:50:52 UTC

DSC file for 1.1.1-2

debian/sid 2018-10-29 04:40:24 UTC 2018-10-29
Import patches-unapplied version 1.1.1-2 to debian/sid

Author: Sebastian Andrzej Siewior
Author Date: 2018-10-28 22:52:24 UTC

Import patches-unapplied version 1.1.1-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: ec7b59aab88eec3d1da0e1dc81d7daa16ca50623

New changelog entries:
  [ Sebastian Andrzej Siewior ]
  * Add Breaks on isync (See: #906955)
  * Fix autopkgtest (Closes: #910459)
  [ Kurt Roeckx ]
  * Add Breaks on python-imaplib2 (See: #907079)
  * Add news entry regarding default TLS version and security level
    (Closes: #875423, #907631, #911389, #912067).

debian/buster 2018-10-29 04:40:24 UTC 2018-10-29
Import patches-unapplied version 1.1.1-2 to debian/sid

Author: Sebastian Andrzej Siewior
Author Date: 2018-10-28 22:52:24 UTC

Import patches-unapplied version 1.1.1-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: ec7b59aab88eec3d1da0e1dc81d7daa16ca50623

New changelog entries:
  [ Sebastian Andrzej Siewior ]
  * Add Breaks on isync (See: #906955)
  * Fix autopkgtest (Closes: #910459)
  [ Kurt Roeckx ]
  * Add Breaks on python-imaplib2 (See: #907079)
  * Add news entry regarding default TLS version and security level
    (Closes: #875423, #907631, #911389, #912067).

applied/debian/buster 2018-10-29 04:40:24 UTC 2018-10-29
Import patches-applied version 1.1.1-2 to applied/debian/sid

Author: Sebastian Andrzej Siewior
Author Date: 2018-10-28 22:52:24 UTC

Import patches-applied version 1.1.1-2 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 450be1ecad194ab3fc816533398d07c36b9f1a17
Unapplied parent: 5e7fb1d936a4bcecc1f48362c3913c37748014ed

New changelog entries:
  [ Sebastian Andrzej Siewior ]
  * Add Breaks on isync (See: #906955)
  * Fix autopkgtest (Closes: #910459)
  [ Kurt Roeckx ]
  * Add Breaks on python-imaplib2 (See: #907079)
  * Add news entry regarding default TLS version and security level
    (Closes: #875423, #907631, #911389, #912067).

applied/debian/sid 2018-10-29 04:40:24 UTC 2018-10-29
Import patches-applied version 1.1.1-2 to applied/debian/sid

Author: Sebastian Andrzej Siewior
Author Date: 2018-10-28 22:52:24 UTC

Import patches-applied version 1.1.1-2 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 450be1ecad194ab3fc816533398d07c36b9f1a17
Unapplied parent: 5e7fb1d936a4bcecc1f48362c3913c37748014ed

New changelog entries:
  [ Sebastian Andrzej Siewior ]
  * Add Breaks on isync (See: #906955)
  * Fix autopkgtest (Closes: #910459)
  [ Kurt Roeckx ]
  * Add Breaks on python-imaplib2 (See: #907079)
  * Add news entry regarding default TLS version and security level
    (Closes: #875423, #907631, #911389, #912067).

importer/ubuntu/dsc 2018-09-25 15:58:29 UTC 2018-09-25
DSC file for 1.1.1-1ubuntu2

Author: Ubuntu Git Importer
Author Date: 2018-09-25 15:58:29 UTC

DSC file for 1.1.1-1ubuntu2

applied/ubuntu/cosmic 2018-09-25 15:48:16 UTC 2018-09-25
Import patches-applied version 1.1.1-1ubuntu2 to applied/ubuntu/cosmic-proposed

Author: Dimitri John Ledkov
Author Date: 2018-09-25 14:41:07 UTC

Import patches-applied version 1.1.1-1ubuntu2 to applied/ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 4bc7121524aed57ac07254d3becdf6f1a676098e
Unapplied parent: dfc8aa0d6496b46baa3c3bb4502d3e2d178d3702

New changelog entries:
  * Fixup typpos in the autopkgtest binary name.

ubuntu/disco-devel 2018-09-25 15:48:16 UTC 2018-09-25
Import patches-unapplied version 1.1.1-1ubuntu2 to ubuntu/cosmic-proposed

Author: Dimitri John Ledkov
Author Date: 2018-09-25 14:41:07 UTC

Import patches-unapplied version 1.1.1-1ubuntu2 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: c95f92275d7e52006b9b2f41c5cb7071184ab2ff

New changelog entries:
  * Fixup typpos in the autopkgtest binary name.

applied/ubuntu/cosmic-proposed 2018-09-25 15:48:16 UTC 2018-09-25
Import patches-applied version 1.1.1-1ubuntu2 to applied/ubuntu/cosmic-proposed

Author: Dimitri John Ledkov
Author Date: 2018-09-25 14:41:07 UTC

Import patches-applied version 1.1.1-1ubuntu2 to applied/ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 4bc7121524aed57ac07254d3becdf6f1a676098e
Unapplied parent: dfc8aa0d6496b46baa3c3bb4502d3e2d178d3702

New changelog entries:
  * Fixup typpos in the autopkgtest binary name.

ubuntu/cosmic-proposed 2018-09-25 15:48:16 UTC 2018-09-25
Import patches-unapplied version 1.1.1-1ubuntu2 to ubuntu/cosmic-proposed

Author: Dimitri John Ledkov
Author Date: 2018-09-25 14:41:07 UTC

Import patches-unapplied version 1.1.1-1ubuntu2 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: c95f92275d7e52006b9b2f41c5cb7071184ab2ff

New changelog entries:
  * Fixup typpos in the autopkgtest binary name.

ubuntu/cosmic-devel 2018-09-25 15:48:16 UTC 2018-09-25
Import patches-unapplied version 1.1.1-1ubuntu2 to ubuntu/cosmic-proposed

Author: Dimitri John Ledkov
Author Date: 2018-09-25 14:41:07 UTC

Import patches-unapplied version 1.1.1-1ubuntu2 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: c95f92275d7e52006b9b2f41c5cb7071184ab2ff

New changelog entries:
  * Fixup typpos in the autopkgtest binary name.

ubuntu/devel 2018-09-25 15:48:16 UTC 2018-09-25
Import patches-unapplied version 1.1.1-1ubuntu2 to ubuntu/cosmic-proposed

Author: Dimitri John Ledkov
Author Date: 2018-09-25 14:41:07 UTC

Import patches-unapplied version 1.1.1-1ubuntu2 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: c95f92275d7e52006b9b2f41c5cb7071184ab2ff

New changelog entries:
  * Fixup typpos in the autopkgtest binary name.

ubuntu/disco 2018-09-25 15:48:16 UTC 2018-09-25
Import patches-unapplied version 1.1.1-1ubuntu2 to ubuntu/cosmic-proposed

Author: Dimitri John Ledkov
Author Date: 2018-09-25 14:41:07 UTC

Import patches-unapplied version 1.1.1-1ubuntu2 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: c95f92275d7e52006b9b2f41c5cb7071184ab2ff

New changelog entries:
  * Fixup typpos in the autopkgtest binary name.

applied/ubuntu/disco-devel 2018-09-25 15:48:16 UTC 2018-09-25
Import patches-applied version 1.1.1-1ubuntu2 to applied/ubuntu/cosmic-proposed

Author: Dimitri John Ledkov
Author Date: 2018-09-25 14:41:07 UTC

Import patches-applied version 1.1.1-1ubuntu2 to applied/ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 4bc7121524aed57ac07254d3becdf6f1a676098e
Unapplied parent: dfc8aa0d6496b46baa3c3bb4502d3e2d178d3702

New changelog entries:
  * Fixup typpos in the autopkgtest binary name.

applied/ubuntu/disco 2018-09-25 15:48:16 UTC 2018-09-25
Import patches-applied version 1.1.1-1ubuntu2 to applied/ubuntu/cosmic-proposed

Author: Dimitri John Ledkov
Author Date: 2018-09-25 14:41:07 UTC

Import patches-applied version 1.1.1-1ubuntu2 to applied/ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 4bc7121524aed57ac07254d3becdf6f1a676098e
Unapplied parent: dfc8aa0d6496b46baa3c3bb4502d3e2d178d3702

New changelog entries:
  * Fixup typpos in the autopkgtest binary name.

applied/ubuntu/devel 2018-09-25 15:48:16 UTC 2018-09-25
Import patches-applied version 1.1.1-1ubuntu2 to applied/ubuntu/cosmic-proposed

Author: Dimitri John Ledkov
Author Date: 2018-09-25 14:41:07 UTC

Import patches-applied version 1.1.1-1ubuntu2 to applied/ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 4bc7121524aed57ac07254d3becdf6f1a676098e
Unapplied parent: dfc8aa0d6496b46baa3c3bb4502d3e2d178d3702

New changelog entries:
  * Fixup typpos in the autopkgtest binary name.

applied/ubuntu/cosmic-devel 2018-09-25 15:48:16 UTC 2018-09-25
Import patches-applied version 1.1.1-1ubuntu2 to applied/ubuntu/cosmic-proposed

Author: Dimitri John Ledkov
Author Date: 2018-09-25 14:41:07 UTC

Import patches-applied version 1.1.1-1ubuntu2 to applied/ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 4bc7121524aed57ac07254d3becdf6f1a676098e
Unapplied parent: dfc8aa0d6496b46baa3c3bb4502d3e2d178d3702

New changelog entries:
  * Fixup typpos in the autopkgtest binary name.

ubuntu/cosmic 2018-09-25 15:48:16 UTC 2018-09-25
Import patches-unapplied version 1.1.1-1ubuntu2 to ubuntu/cosmic-proposed

Author: Dimitri John Ledkov
Author Date: 2018-09-25 14:41:07 UTC

Import patches-unapplied version 1.1.1-1ubuntu2 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: c95f92275d7e52006b9b2f41c5cb7071184ab2ff

New changelog entries:
  * Fixup typpos in the autopkgtest binary name.

applied/debian/stretch 2018-07-14 11:05:34 UTC 2018-07-14
Import patches-applied version 1.1.0f-3+deb9u2 to applied/debian/stretch

Author: Sebastian Andrzej Siewior
Author Date: 2018-03-29 10:51:02 UTC

Import patches-applied version 1.1.0f-3+deb9u2 to applied/debian/stretch

Imported using git-ubuntu import.

Changelog parent: a511a34aae33fc024f24d5f5b3bc9093e97a0f91
Unapplied parent: 29867532b178dc765d4fcfd857c04413fa240a36

New changelog entries:
  * CVE-2017-3738 (rsaz_1024_mul_avx2 overflow bug on x86_64)
  * CVE-2018-0733 (Incorrect CRYPTO_memcmp on HP-UX PA-RISC)
  * CVE-2018-0739 (Constructed ASN.1 types with a recursive definition could
    exceed the stack)
  * Add patches to pass the testsuite:
    - Fix-a-Proxy-race-condition.patch
    - Fix-race-condition-in-TLSProxy.patch

debian/stretch 2018-07-14 11:05:34 UTC 2018-07-14
Import patches-unapplied version 1.1.0f-3+deb9u2 to debian/stretch

Author: Sebastian Andrzej Siewior
Author Date: 2018-03-29 10:51:02 UTC

Import patches-unapplied version 1.1.0f-3+deb9u2 to debian/stretch

Imported using git-ubuntu import.

Changelog parent: 1a17052ebbaa09918f069bf6e63c10b60558c402

New changelog entries:
  * CVE-2017-3738 (rsaz_1024_mul_avx2 overflow bug on x86_64)
  * CVE-2018-0733 (Incorrect CRYPTO_memcmp on HP-UX PA-RISC)
  * CVE-2018-0739 (Constructed ASN.1 types with a recursive definition could
    exceed the stack)
  * Add patches to pass the testsuite:
    - Fix-a-Proxy-race-condition.patch
    - Fix-race-condition-in-TLSProxy.patch

debian/experimental 2018-07-05 04:26:21 UTC 2018-07-05
Import patches-unapplied version 1.1.1~~pre8-1 to debian/experimental

Author: Sebastian Andrzej Siewior
Author Date: 2018-07-04 22:21:00 UTC

Import patches-unapplied version 1.1.1~~pre8-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: b3efc01a93c549b7cc7b1035edff837315784473

New changelog entries:
  * New upstream version.

applied/debian/experimental 2018-07-05 04:26:21 UTC 2018-07-05
Import patches-applied version 1.1.1~~pre8-1 to applied/debian/experimental

Author: Sebastian Andrzej Siewior
Author Date: 2018-07-04 22:21:00 UTC

Import patches-applied version 1.1.1~~pre8-1 to applied/debian/experimental

Imported using git-ubuntu import.

Changelog parent: b658261a15849ae28634538f74e1d525aa915b8c
Unapplied parent: 4c6c98947cbbed95b49bdda8971253d7b28b9387

New changelog entries:
  * New upstream version.

applied/ubuntu/bionic-devel 2018-06-26 11:43:17 UTC 2018-06-26
Import patches-applied version 1.1.0g-2ubuntu4.1 to applied/ubuntu/bionic-sec...

Author: Marc Deslauriers
Author Date: 2018-06-20 11:29:12 UTC

Import patches-applied version 1.1.0g-2ubuntu4.1 to applied/ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: f3f5bc275ea764c10aeec9d2e081b3f802d1ef91
Unapplied parent: a20baf1d952d18e0bef75f981a1a43b09859b5d4

New changelog entries:
  * SECURITY UPDATE: ECDSA key extraction side channel
    - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA
      signature in crypto/ec/ecdsa_ossl.c.
    - CVE-2018-0495
  * SECURITY UPDATE: denial of service via long prime values
    - debian/patches/CVE-2018-0732.patch: reject excessively large primes
      in DH key generation in crypto/dh/dh_key.c.
    - CVE-2018-0732
  * SECURITY UPDATE: RSA cache timing side channel attack
    - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and
      BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in
      crypto/rsa/rsa_gen.c.
    - CVE-2018-0737

applied/ubuntu/xenial-devel 2018-06-26 11:43:17 UTC 2018-06-26
Import patches-applied version 1.0.2g-1ubuntu4.13 to applied/ubuntu/xenial-se...

Author: Marc Deslauriers
Author Date: 2018-06-20 11:38:22 UTC

Import patches-applied version 1.0.2g-1ubuntu4.13 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 8a667e7ae12f4042b564114b728a3d9bd5d5afd8
Unapplied parent: 98c4b86cd30d8fb46c2d7dedbed143ed59ff64fa

New changelog entries:
  * SECURITY UPDATE: ECDSA key extraction side channel
    - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA
      signature in crypto/ecdsa/ecdsatest.c, crypto/ecdsa/ecs_ossl.c.
    - CVE-2018-0495
  * SECURITY UPDATE: denial of service via long prime values
    - debian/patches/CVE-2018-0732.patch: reject excessively large primes
      in DH key generation in crypto/dh/dh_key.c.
    - CVE-2018-0732
  * SECURITY UPDATE: RSA cache timing side channel attack
    (previous update was incomplete)
    - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and
      BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in
      crypto/rsa/rsa_gen.c.
    - CVE-2018-0737

applied/ubuntu/xenial-security 2018-06-26 11:43:17 UTC 2018-06-26
Import patches-applied version 1.0.2g-1ubuntu4.13 to applied/ubuntu/xenial-se...

Author: Marc Deslauriers
Author Date: 2018-06-20 11:38:22 UTC

Import patches-applied version 1.0.2g-1ubuntu4.13 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 8a667e7ae12f4042b564114b728a3d9bd5d5afd8
Unapplied parent: 98c4b86cd30d8fb46c2d7dedbed143ed59ff64fa

New changelog entries:
  * SECURITY UPDATE: ECDSA key extraction side channel
    - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA
      signature in crypto/ecdsa/ecdsatest.c, crypto/ecdsa/ecs_ossl.c.
    - CVE-2018-0495
  * SECURITY UPDATE: denial of service via long prime values
    - debian/patches/CVE-2018-0732.patch: reject excessively large primes
      in DH key generation in crypto/dh/dh_key.c.
    - CVE-2018-0732
  * SECURITY UPDATE: RSA cache timing side channel attack
    (previous update was incomplete)
    - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and
      BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in
      crypto/rsa/rsa_gen.c.
    - CVE-2018-0737

applied/ubuntu/artful-updates 2018-06-26 11:43:17 UTC 2018-06-26
Import patches-applied version 1.0.2g-1ubuntu13.6 to applied/ubuntu/artful-se...

Author: Marc Deslauriers
Author Date: 2018-06-20 11:32:59 UTC

Import patches-applied version 1.0.2g-1ubuntu13.6 to applied/ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: 90f108af4cf2dd0d51f65b8d99091341ba518507
Unapplied parent: f2e01974a0e4c0e2de8d333d329bfbcb29d1a477

New changelog entries:
  * SECURITY UPDATE: ECDSA key extraction side channel
    - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA
      signature in crypto/ecdsa/ecdsatest.c, crypto/ecdsa/ecs_ossl.c.
    - CVE-2018-0495
  * SECURITY UPDATE: denial of service via long prime values
    - debian/patches/CVE-2018-0732.patch: reject excessively large primes
      in DH key generation in crypto/dh/dh_key.c.
    - CVE-2018-0732
  * SECURITY UPDATE: RSA cache timing side channel attack
    (previous update was incomplete)
    - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and
      BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in
      crypto/rsa/rsa_gen.c.
    - CVE-2018-0737

applied/ubuntu/artful-devel 2018-06-26 11:43:17 UTC 2018-06-26
Import patches-applied version 1.0.2g-1ubuntu13.6 to applied/ubuntu/artful-se...

Author: Marc Deslauriers
Author Date: 2018-06-20 11:32:59 UTC

Import patches-applied version 1.0.2g-1ubuntu13.6 to applied/ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: 90f108af4cf2dd0d51f65b8d99091341ba518507
Unapplied parent: f2e01974a0e4c0e2de8d333d329bfbcb29d1a477

New changelog entries:
  * SECURITY UPDATE: ECDSA key extraction side channel
    - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA
      signature in crypto/ecdsa/ecdsatest.c, crypto/ecdsa/ecs_ossl.c.
    - CVE-2018-0495
  * SECURITY UPDATE: denial of service via long prime values
    - debian/patches/CVE-2018-0732.patch: reject excessively large primes
      in DH key generation in crypto/dh/dh_key.c.
    - CVE-2018-0732
  * SECURITY UPDATE: RSA cache timing side channel attack
    (previous update was incomplete)
    - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and
      BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in
      crypto/rsa/rsa_gen.c.
    - CVE-2018-0737

applied/ubuntu/artful-security 2018-06-26 11:43:17 UTC 2018-06-26
Import patches-applied version 1.0.2g-1ubuntu13.6 to applied/ubuntu/artful-se...

Author: Marc Deslauriers
Author Date: 2018-06-20 11:32:59 UTC

Import patches-applied version 1.0.2g-1ubuntu13.6 to applied/ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: 90f108af4cf2dd0d51f65b8d99091341ba518507
Unapplied parent: f2e01974a0e4c0e2de8d333d329bfbcb29d1a477

New changelog entries:
  * SECURITY UPDATE: ECDSA key extraction side channel
    - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA
      signature in crypto/ecdsa/ecdsatest.c, crypto/ecdsa/ecs_ossl.c.
    - CVE-2018-0495
  * SECURITY UPDATE: denial of service via long prime values
    - debian/patches/CVE-2018-0732.patch: reject excessively large primes
      in DH key generation in crypto/dh/dh_key.c.
    - CVE-2018-0732
  * SECURITY UPDATE: RSA cache timing side channel attack
    (previous update was incomplete)
    - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and
      BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in
      crypto/rsa/rsa_gen.c.
    - CVE-2018-0737

ubuntu/trusty-updates 2018-06-26 11:43:17 UTC 2018-06-26
Import patches-unapplied version 1.0.1f-1ubuntu2.26 to ubuntu/trusty-security

Author: Marc Deslauriers
Author Date: 2018-06-20 11:57:40 UTC

Import patches-unapplied version 1.0.1f-1ubuntu2.26 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: d0b2bd46b5e11ff37a538befcfb1436b0c1df1e2

New changelog entries:
  * SECURITY UPDATE: ECDSA key extraction side channel
    - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA
      signature in crypto/ecdsa/ecdsatest.c, crypto/ecdsa/ecs_ossl.c.
    - CVE-2018-0495
  * SECURITY UPDATE: denial of service via long prime values
    - debian/patches/CVE-2018-0732.patch: reject excessively large primes
      in DH key generation in crypto/dh/dh_key.c.
    - CVE-2018-0732
  * SECURITY UPDATE: RSA cache timing side channel attack
    (previous update was incomplete)
    - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and
      BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in
      crypto/rsa/rsa_gen.c.
    - CVE-2018-0737

ubuntu/bionic-updates 2018-06-26 11:43:17 UTC 2018-06-26
Import patches-unapplied version 1.1.0g-2ubuntu4.1 to ubuntu/bionic-security

Author: Marc Deslauriers
Author Date: 2018-06-20 11:29:12 UTC

Import patches-unapplied version 1.1.0g-2ubuntu4.1 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: 969c29779652142458373f454bf986269095f2b5

New changelog entries:
  * SECURITY UPDATE: ECDSA key extraction side channel
    - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA
      signature in crypto/ec/ecdsa_ossl.c.
    - CVE-2018-0495
  * SECURITY UPDATE: denial of service via long prime values
    - debian/patches/CVE-2018-0732.patch: reject excessively large primes
      in DH key generation in crypto/dh/dh_key.c.
    - CVE-2018-0732
  * SECURITY UPDATE: RSA cache timing side channel attack
    - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and
      BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in
      crypto/rsa/rsa_gen.c.
    - CVE-2018-0737

applied/ubuntu/trusty-devel 2018-06-26 11:43:17 UTC 2018-06-26
Import patches-applied version 1.0.1f-1ubuntu2.26 to applied/ubuntu/trusty-se...

Author: Marc Deslauriers
Author Date: 2018-06-20 11:57:40 UTC

Import patches-applied version 1.0.1f-1ubuntu2.26 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 2cbbb7d4c72f3fc3bfe14aacf24323343256beae
Unapplied parent: a3b2d14773ef27fb6b7b8bd292f229b82d5b0cd8

New changelog entries:
  * SECURITY UPDATE: ECDSA key extraction side channel
    - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA
      signature in crypto/ecdsa/ecdsatest.c, crypto/ecdsa/ecs_ossl.c.
    - CVE-2018-0495
  * SECURITY UPDATE: denial of service via long prime values
    - debian/patches/CVE-2018-0732.patch: reject excessively large primes
      in DH key generation in crypto/dh/dh_key.c.
    - CVE-2018-0732
  * SECURITY UPDATE: RSA cache timing side channel attack
    (previous update was incomplete)
    - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and
      BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in
      crypto/rsa/rsa_gen.c.
    - CVE-2018-0737

ubuntu/xenial-security 2018-06-26 11:43:17 UTC 2018-06-26
Import patches-unapplied version 1.0.2g-1ubuntu4.13 to ubuntu/xenial-security

Author: Marc Deslauriers
Author Date: 2018-06-20 11:38:22 UTC

Import patches-unapplied version 1.0.2g-1ubuntu4.13 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 4237557256f1f1491a9abf8cf1fa05178003fe6d

New changelog entries:
  * SECURITY UPDATE: ECDSA key extraction side channel
    - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA
      signature in crypto/ecdsa/ecdsatest.c, crypto/ecdsa/ecs_ossl.c.
    - CVE-2018-0495
  * SECURITY UPDATE: denial of service via long prime values
    - debian/patches/CVE-2018-0732.patch: reject excessively large primes
      in DH key generation in crypto/dh/dh_key.c.
    - CVE-2018-0732
  * SECURITY UPDATE: RSA cache timing side channel attack
    (previous update was incomplete)
    - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and
      BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in
      crypto/rsa/rsa_gen.c.
    - CVE-2018-0737

ubuntu/bionic-security 2018-06-26 11:43:17 UTC 2018-06-26
Import patches-unapplied version 1.1.0g-2ubuntu4.1 to ubuntu/bionic-security

Author: Marc Deslauriers
Author Date: 2018-06-20 11:29:12 UTC

Import patches-unapplied version 1.1.0g-2ubuntu4.1 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: 969c29779652142458373f454bf986269095f2b5

New changelog entries:
  * SECURITY UPDATE: ECDSA key extraction side channel
    - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA
      signature in crypto/ec/ecdsa_ossl.c.
    - CVE-2018-0495
  * SECURITY UPDATE: denial of service via long prime values
    - debian/patches/CVE-2018-0732.patch: reject excessively large primes
      in DH key generation in crypto/dh/dh_key.c.
    - CVE-2018-0732
  * SECURITY UPDATE: RSA cache timing side channel attack
    - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and
      BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in
      crypto/rsa/rsa_gen.c.
    - CVE-2018-0737

ubuntu/xenial-devel 2018-06-26 11:43:17 UTC 2018-06-26
Import patches-unapplied version 1.0.2g-1ubuntu4.13 to ubuntu/xenial-security

Author: Marc Deslauriers
Author Date: 2018-06-20 11:38:22 UTC

Import patches-unapplied version 1.0.2g-1ubuntu4.13 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 4237557256f1f1491a9abf8cf1fa05178003fe6d

New changelog entries:
  * SECURITY UPDATE: ECDSA key extraction side channel
    - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA
      signature in crypto/ecdsa/ecdsatest.c, crypto/ecdsa/ecs_ossl.c.
    - CVE-2018-0495
  * SECURITY UPDATE: denial of service via long prime values
    - debian/patches/CVE-2018-0732.patch: reject excessively large primes
      in DH key generation in crypto/dh/dh_key.c.
    - CVE-2018-0732
  * SECURITY UPDATE: RSA cache timing side channel attack
    (previous update was incomplete)
    - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and
      BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in
      crypto/rsa/rsa_gen.c.
    - CVE-2018-0737

ubuntu/artful-devel 2018-06-26 11:43:17 UTC 2018-06-26
Import patches-unapplied version 1.0.2g-1ubuntu13.6 to ubuntu/artful-security

Author: Marc Deslauriers
Author Date: 2018-06-20 11:32:59 UTC

Import patches-unapplied version 1.0.2g-1ubuntu13.6 to ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: 17429a963fcb9125abced148e2998be19f25555c

New changelog entries:
  * SECURITY UPDATE: ECDSA key extraction side channel
    - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA
      signature in crypto/ecdsa/ecdsatest.c, crypto/ecdsa/ecs_ossl.c.
    - CVE-2018-0495
  * SECURITY UPDATE: denial of service via long prime values
    - debian/patches/CVE-2018-0732.patch: reject excessively large primes
      in DH key generation in crypto/dh/dh_key.c.
    - CVE-2018-0732
  * SECURITY UPDATE: RSA cache timing side channel attack
    (previous update was incomplete)
    - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and
      BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in
      crypto/rsa/rsa_gen.c.
    - CVE-2018-0737

applied/ubuntu/xenial-updates 2018-06-26 11:43:17 UTC 2018-06-26
Import patches-applied version 1.0.2g-1ubuntu4.13 to applied/ubuntu/xenial-se...

Author: Marc Deslauriers
Author Date: 2018-06-20 11:38:22 UTC

Import patches-applied version 1.0.2g-1ubuntu4.13 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 8a667e7ae12f4042b564114b728a3d9bd5d5afd8
Unapplied parent: 98c4b86cd30d8fb46c2d7dedbed143ed59ff64fa

New changelog entries:
  * SECURITY UPDATE: ECDSA key extraction side channel
    - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA
      signature in crypto/ecdsa/ecdsatest.c, crypto/ecdsa/ecs_ossl.c.
    - CVE-2018-0495
  * SECURITY UPDATE: denial of service via long prime values
    - debian/patches/CVE-2018-0732.patch: reject excessively large primes
      in DH key generation in crypto/dh/dh_key.c.
    - CVE-2018-0732
  * SECURITY UPDATE: RSA cache timing side channel attack
    (previous update was incomplete)
    - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and
      BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in
      crypto/rsa/rsa_gen.c.
    - CVE-2018-0737

ubuntu/xenial-updates 2018-06-26 11:43:17 UTC 2018-06-26
Import patches-unapplied version 1.0.2g-1ubuntu4.13 to ubuntu/xenial-security

Author: Marc Deslauriers
Author Date: 2018-06-20 11:38:22 UTC

Import patches-unapplied version 1.0.2g-1ubuntu4.13 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 4237557256f1f1491a9abf8cf1fa05178003fe6d

New changelog entries:
  * SECURITY UPDATE: ECDSA key extraction side channel
    - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA
      signature in crypto/ecdsa/ecdsatest.c, crypto/ecdsa/ecs_ossl.c.
    - CVE-2018-0495
  * SECURITY UPDATE: denial of service via long prime values
    - debian/patches/CVE-2018-0732.patch: reject excessively large primes
      in DH key generation in crypto/dh/dh_key.c.
    - CVE-2018-0732
  * SECURITY UPDATE: RSA cache timing side channel attack
    (previous update was incomplete)
    - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and
      BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in
      crypto/rsa/rsa_gen.c.
    - CVE-2018-0737

ubuntu/trusty-devel 2018-06-26 11:43:17 UTC 2018-06-26
Import patches-unapplied version 1.0.1f-1ubuntu2.26 to ubuntu/trusty-security

Author: Marc Deslauriers
Author Date: 2018-06-20 11:57:40 UTC

Import patches-unapplied version 1.0.1f-1ubuntu2.26 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: d0b2bd46b5e11ff37a538befcfb1436b0c1df1e2

New changelog entries:
  * SECURITY UPDATE: ECDSA key extraction side channel
    - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA
      signature in crypto/ecdsa/ecdsatest.c, crypto/ecdsa/ecs_ossl.c.
    - CVE-2018-0495
  * SECURITY UPDATE: denial of service via long prime values
    - debian/patches/CVE-2018-0732.patch: reject excessively large primes
      in DH key generation in crypto/dh/dh_key.c.
    - CVE-2018-0732
  * SECURITY UPDATE: RSA cache timing side channel attack
    (previous update was incomplete)
    - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and
      BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in
      crypto/rsa/rsa_gen.c.
    - CVE-2018-0737

applied/ubuntu/bionic-updates 2018-06-26 11:43:17 UTC 2018-06-26
Import patches-applied version 1.1.0g-2ubuntu4.1 to applied/ubuntu/bionic-sec...

Author: Marc Deslauriers
Author Date: 2018-06-20 11:29:12 UTC

Import patches-applied version 1.1.0g-2ubuntu4.1 to applied/ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: f3f5bc275ea764c10aeec9d2e081b3f802d1ef91
Unapplied parent: a20baf1d952d18e0bef75f981a1a43b09859b5d4

New changelog entries:
  * SECURITY UPDATE: ECDSA key extraction side channel
    - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA
      signature in crypto/ec/ecdsa_ossl.c.
    - CVE-2018-0495
  * SECURITY UPDATE: denial of service via long prime values
    - debian/patches/CVE-2018-0732.patch: reject excessively large primes
      in DH key generation in crypto/dh/dh_key.c.
    - CVE-2018-0732
  * SECURITY UPDATE: RSA cache timing side channel attack
    - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and
      BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in
      crypto/rsa/rsa_gen.c.
    - CVE-2018-0737

applied/ubuntu/trusty-updates 2018-06-26 11:43:17 UTC 2018-06-26
Import patches-applied version 1.0.1f-1ubuntu2.26 to applied/ubuntu/trusty-se...

Author: Marc Deslauriers
Author Date: 2018-06-20 11:57:40 UTC

Import patches-applied version 1.0.1f-1ubuntu2.26 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 2cbbb7d4c72f3fc3bfe14aacf24323343256beae
Unapplied parent: a3b2d14773ef27fb6b7b8bd292f229b82d5b0cd8

New changelog entries:
  * SECURITY UPDATE: ECDSA key extraction side channel
    - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA
      signature in crypto/ecdsa/ecdsatest.c, crypto/ecdsa/ecs_ossl.c.
    - CVE-2018-0495
  * SECURITY UPDATE: denial of service via long prime values
    - debian/patches/CVE-2018-0732.patch: reject excessively large primes
      in DH key generation in crypto/dh/dh_key.c.
    - CVE-2018-0732
  * SECURITY UPDATE: RSA cache timing side channel attack
    (previous update was incomplete)
    - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and
      BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in
      crypto/rsa/rsa_gen.c.
    - CVE-2018-0737

applied/ubuntu/bionic-security 2018-06-26 11:43:17 UTC 2018-06-26
Import patches-applied version 1.1.0g-2ubuntu4.1 to applied/ubuntu/bionic-sec...

Author: Marc Deslauriers
Author Date: 2018-06-20 11:29:12 UTC

Import patches-applied version 1.1.0g-2ubuntu4.1 to applied/ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: f3f5bc275ea764c10aeec9d2e081b3f802d1ef91
Unapplied parent: a20baf1d952d18e0bef75f981a1a43b09859b5d4

New changelog entries:
  * SECURITY UPDATE: ECDSA key extraction side channel
    - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA
      signature in crypto/ec/ecdsa_ossl.c.
    - CVE-2018-0495
  * SECURITY UPDATE: denial of service via long prime values
    - debian/patches/CVE-2018-0732.patch: reject excessively large primes
      in DH key generation in crypto/dh/dh_key.c.
    - CVE-2018-0732
  * SECURITY UPDATE: RSA cache timing side channel attack
    - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and
      BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in
      crypto/rsa/rsa_gen.c.
    - CVE-2018-0737

ubuntu/artful-security 2018-06-26 11:43:17 UTC 2018-06-26
Import patches-unapplied version 1.0.2g-1ubuntu13.6 to ubuntu/artful-security

Author: Marc Deslauriers
Author Date: 2018-06-20 11:32:59 UTC

Import patches-unapplied version 1.0.2g-1ubuntu13.6 to ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: 17429a963fcb9125abced148e2998be19f25555c

New changelog entries:
  * SECURITY UPDATE: ECDSA key extraction side channel
    - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA
      signature in crypto/ecdsa/ecdsatest.c, crypto/ecdsa/ecs_ossl.c.
    - CVE-2018-0495
  * SECURITY UPDATE: denial of service via long prime values
    - debian/patches/CVE-2018-0732.patch: reject excessively large primes
      in DH key generation in crypto/dh/dh_key.c.
    - CVE-2018-0732
  * SECURITY UPDATE: RSA cache timing side channel attack
    (previous update was incomplete)
    - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and
      BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in
      crypto/rsa/rsa_gen.c.
    - CVE-2018-0737

ubuntu/artful-updates 2018-06-26 11:43:17 UTC 2018-06-26
Import patches-unapplied version 1.0.2g-1ubuntu13.6 to ubuntu/artful-security

Author: Marc Deslauriers
Author Date: 2018-06-20 11:32:59 UTC

Import patches-unapplied version 1.0.2g-1ubuntu13.6 to ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: 17429a963fcb9125abced148e2998be19f25555c

New changelog entries:
  * SECURITY UPDATE: ECDSA key extraction side channel
    - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA
      signature in crypto/ecdsa/ecdsatest.c, crypto/ecdsa/ecs_ossl.c.
    - CVE-2018-0495
  * SECURITY UPDATE: denial of service via long prime values
    - debian/patches/CVE-2018-0732.patch: reject excessively large primes
      in DH key generation in crypto/dh/dh_key.c.
    - CVE-2018-0732
  * SECURITY UPDATE: RSA cache timing side channel attack
    (previous update was incomplete)
    - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and
      BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in
      crypto/rsa/rsa_gen.c.
    - CVE-2018-0737

ubuntu/bionic-devel 2018-06-26 11:43:17 UTC 2018-06-26
Import patches-unapplied version 1.1.0g-2ubuntu4.1 to ubuntu/bionic-security

Author: Marc Deslauriers
Author Date: 2018-06-20 11:29:12 UTC

Import patches-unapplied version 1.1.0g-2ubuntu4.1 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: 969c29779652142458373f454bf986269095f2b5

New changelog entries:
  * SECURITY UPDATE: ECDSA key extraction side channel
    - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA
      signature in crypto/ec/ecdsa_ossl.c.
    - CVE-2018-0495
  * SECURITY UPDATE: denial of service via long prime values
    - debian/patches/CVE-2018-0732.patch: reject excessively large primes
      in DH key generation in crypto/dh/dh_key.c.
    - CVE-2018-0732
  * SECURITY UPDATE: RSA cache timing side channel attack
    - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and
      BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in
      crypto/rsa/rsa_gen.c.
    - CVE-2018-0737

applied/ubuntu/trusty-security 2018-06-26 11:43:17 UTC 2018-06-26
Import patches-applied version 1.0.1f-1ubuntu2.26 to applied/ubuntu/trusty-se...

Author: Marc Deslauriers
Author Date: 2018-06-20 11:57:40 UTC

Import patches-applied version 1.0.1f-1ubuntu2.26 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 2cbbb7d4c72f3fc3bfe14aacf24323343256beae
Unapplied parent: a3b2d14773ef27fb6b7b8bd292f229b82d5b0cd8

New changelog entries:
  * SECURITY UPDATE: ECDSA key extraction side channel
    - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA
      signature in crypto/ecdsa/ecdsatest.c, crypto/ecdsa/ecs_ossl.c.
    - CVE-2018-0495
  * SECURITY UPDATE: denial of service via long prime values
    - debian/patches/CVE-2018-0732.patch: reject excessively large primes
      in DH key generation in crypto/dh/dh_key.c.
    - CVE-2018-0732
  * SECURITY UPDATE: RSA cache timing side channel attack
    (previous update was incomplete)
    - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and
      BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in
      crypto/rsa/rsa_gen.c.
    - CVE-2018-0737

ubuntu/trusty-security 2018-06-26 11:43:17 UTC 2018-06-26
Import patches-unapplied version 1.0.1f-1ubuntu2.26 to ubuntu/trusty-security

Author: Marc Deslauriers
Author Date: 2018-06-20 11:57:40 UTC

Import patches-unapplied version 1.0.1f-1ubuntu2.26 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: d0b2bd46b5e11ff37a538befcfb1436b0c1df1e2

New changelog entries:
  * SECURITY UPDATE: ECDSA key extraction side channel
    - debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA
      signature in crypto/ecdsa/ecdsatest.c, crypto/ecdsa/ecs_ossl.c.
    - CVE-2018-0495
  * SECURITY UPDATE: denial of service via long prime values
    - debian/patches/CVE-2018-0732.patch: reject excessively large primes
      in DH key generation in crypto/dh/dh_key.c.
    - CVE-2018-0732
  * SECURITY UPDATE: RSA cache timing side channel attack
    (previous update was incomplete)
    - debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-3.patch: consttime flag changed in
      crypto/rsa/rsa_gen.c.
    - debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and
      BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in
      crypto/rsa/rsa_gen.c.
    - CVE-2018-0737

debian/jessie 2018-06-23 17:24:53 UTC 2018-06-23
Import patches-unapplied version 1.0.1t-1+deb8u8 to debian/jessie

Author: Sebastian Andrzej Siewior
Author Date: 2018-03-29 11:18:00 UTC

Import patches-unapplied version 1.0.1t-1+deb8u8 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: 6a1844812bbe4e4de9650e6aee9c238fb9713912

New changelog entries:
  * CVE-2018-0739 (Constructed ASN.1 types with a recursive definition could
    exceed the stack)

applied/debian/jessie 2018-06-23 17:24:53 UTC 2018-06-23
Import patches-applied version 1.0.1t-1+deb8u8 to applied/debian/jessie

Author: Sebastian Andrzej Siewior
Author Date: 2018-03-29 11:18:00 UTC

Import patches-applied version 1.0.1t-1+deb8u8 to applied/debian/jessie

Imported using git-ubuntu import.

Changelog parent: 2dfea1dc250270027df59ea0594ce7af50fc0f8e
Unapplied parent: b9b707bd919a247b99c42ce9b0fb36d9f3624df3

New changelog entries:
  * CVE-2018-0739 (Constructed ASN.1 types with a recursive definition could
    exceed the stack)

applied/ubuntu/bionic 2018-04-25 19:04:07 UTC 2018-04-25
Import patches-applied version 1.1.0g-2ubuntu4 to applied/ubuntu/bionic-proposed

Author: Brian Murray
Author Date: 2018-04-25 17:03:48 UTC

Import patches-applied version 1.1.0g-2ubuntu4 to applied/ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 28485d1564cc2551ada6b9fa8b74a0ba0394e2bd
Unapplied parent: a445331d708e4c0217c216894f699ee5a57f0e03

New changelog entries:
  * debian/patches/rehash-pass-on-dupes.patch: Don't return 1 when a duplicate
    certificate is found. (LP: #1764848)

ubuntu/bionic 2018-04-25 19:04:07 UTC 2018-04-25
Import patches-unapplied version 1.1.0g-2ubuntu4 to ubuntu/bionic-proposed

Author: Brian Murray
Author Date: 2018-04-25 17:03:48 UTC

Import patches-unapplied version 1.1.0g-2ubuntu4 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: db72499dd1f84296ae63ac044d87d2848c45a946

New changelog entries:
  * debian/patches/rehash-pass-on-dupes.patch: Don't return 1 when a duplicate
    certificate is found. (LP: #1764848)

ubuntu/bionic-proposed 2018-04-25 19:04:07 UTC 2018-04-25
Import patches-unapplied version 1.1.0g-2ubuntu4 to ubuntu/bionic-proposed

Author: Brian Murray
Author Date: 2018-04-25 17:03:48 UTC

Import patches-unapplied version 1.1.0g-2ubuntu4 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: db72499dd1f84296ae63ac044d87d2848c45a946

New changelog entries:
  * debian/patches/rehash-pass-on-dupes.patch: Don't return 1 when a duplicate
    certificate is found. (LP: #1764848)

applied/ubuntu/bionic-proposed 2018-04-25 19:04:07 UTC 2018-04-25
Import patches-applied version 1.1.0g-2ubuntu4 to applied/ubuntu/bionic-proposed

Author: Brian Murray
Author Date: 2018-04-25 17:03:48 UTC

Import patches-applied version 1.1.0g-2ubuntu4 to applied/ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 28485d1564cc2551ada6b9fa8b74a0ba0394e2bd
Unapplied parent: a445331d708e4c0217c216894f699ee5a57f0e03

New changelog entries:
  * debian/patches/rehash-pass-on-dupes.patch: Don't return 1 when a duplicate
    certificate is found. (LP: #1764848)

importer/debian/pristine-tar 2018-04-06 01:17:33 UTC 2018-04-06
pristine-tar data for openssl_1.1.1~~pre4.orig.tar.gz

Author: Ubuntu Git Importer
Author Date: 2018-04-06 01:17:33 UTC

pristine-tar data for openssl_1.1.1~~pre4.orig.tar.gz

importer/ubuntu/pristine-tar 2018-03-09 14:42:15 UTC 2018-03-09
pristine-tar data for openssl_1.1.0g.orig.tar.gz

Author: Ubuntu Git Importer
Author Date: 2018-03-09 14:42:15 UTC

pristine-tar data for openssl_1.1.0g.orig.tar.gz

applied/ubuntu/zesty-updates 2017-12-11 19:23:59 UTC 2017-12-11
Import patches-applied version 1.0.2g-1ubuntu11.4 to applied/ubuntu/zesty-sec...

Author: Marc Deslauriers
Author Date: 2017-12-07 18:16:57 UTC

Import patches-applied version 1.0.2g-1ubuntu11.4 to applied/ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: cb19a38dca54f5678288c3fbbfebde45c9ea723c
Unapplied parent: 6de8b0ba0f530e92a56b9fbf650b28a214c6b299

New changelog entries:
  * SECURITY UPDATE: Read/write after SSL object in error state
    - debian/patches/CVE-2017-3737-pre.patch: add test/ssltestlib.*,
      add to test/Makefile.
    - debian/patches/CVE-2017-3737-1.patch: don't allow read/write after
      fatal error in ssl/ssl.h.
    - debian/patches/CVE-2017-3737-2.patch: add test to ssl/Makefile,
      ssl/fatalerrtest.c, test/Makefile.
    - CVE-2017-3737
  * SECURITY UPDATE: rsaz_1024_mul_avx2 overflow bug on x86_64
    - debian/patches/CVE-2017-3738.patch: fix digit correction bug in
      crypto/bn/asm/rsaz-avx2.pl.
    - CVE-2017-3738

ubuntu/zesty-devel 2017-12-11 19:23:59 UTC 2017-12-11
Import patches-unapplied version 1.0.2g-1ubuntu11.4 to ubuntu/zesty-security

Author: Marc Deslauriers
Author Date: 2017-12-07 18:16:57 UTC

Import patches-unapplied version 1.0.2g-1ubuntu11.4 to ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: b031da8065b904a5d0c73e3b81597c7cfc392e0a

New changelog entries:
  * SECURITY UPDATE: Read/write after SSL object in error state
    - debian/patches/CVE-2017-3737-pre.patch: add test/ssltestlib.*,
      add to test/Makefile.
    - debian/patches/CVE-2017-3737-1.patch: don't allow read/write after
      fatal error in ssl/ssl.h.
    - debian/patches/CVE-2017-3737-2.patch: add test to ssl/Makefile,
      ssl/fatalerrtest.c, test/Makefile.
    - CVE-2017-3737
  * SECURITY UPDATE: rsaz_1024_mul_avx2 overflow bug on x86_64
    - debian/patches/CVE-2017-3738.patch: fix digit correction bug in
      crypto/bn/asm/rsaz-avx2.pl.
    - CVE-2017-3738

ubuntu/zesty-updates 2017-12-11 19:23:59 UTC 2017-12-11
Import patches-unapplied version 1.0.2g-1ubuntu11.4 to ubuntu/zesty-security

Author: Marc Deslauriers
Author Date: 2017-12-07 18:16:57 UTC

Import patches-unapplied version 1.0.2g-1ubuntu11.4 to ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: b031da8065b904a5d0c73e3b81597c7cfc392e0a

New changelog entries:
  * SECURITY UPDATE: Read/write after SSL object in error state
    - debian/patches/CVE-2017-3737-pre.patch: add test/ssltestlib.*,
      add to test/Makefile.
    - debian/patches/CVE-2017-3737-1.patch: don't allow read/write after
      fatal error in ssl/ssl.h.
    - debian/patches/CVE-2017-3737-2.patch: add test to ssl/Makefile,
      ssl/fatalerrtest.c, test/Makefile.
    - CVE-2017-3737
  * SECURITY UPDATE: rsaz_1024_mul_avx2 overflow bug on x86_64
    - debian/patches/CVE-2017-3738.patch: fix digit correction bug in
      crypto/bn/asm/rsaz-avx2.pl.
    - CVE-2017-3738

applied/ubuntu/zesty-devel 2017-12-11 19:23:59 UTC 2017-12-11
Import patches-applied version 1.0.2g-1ubuntu11.4 to applied/ubuntu/zesty-sec...

Author: Marc Deslauriers
Author Date: 2017-12-07 18:16:57 UTC

Import patches-applied version 1.0.2g-1ubuntu11.4 to applied/ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: cb19a38dca54f5678288c3fbbfebde45c9ea723c
Unapplied parent: 6de8b0ba0f530e92a56b9fbf650b28a214c6b299

New changelog entries:
  * SECURITY UPDATE: Read/write after SSL object in error state
    - debian/patches/CVE-2017-3737-pre.patch: add test/ssltestlib.*,
      add to test/Makefile.
    - debian/patches/CVE-2017-3737-1.patch: don't allow read/write after
      fatal error in ssl/ssl.h.
    - debian/patches/CVE-2017-3737-2.patch: add test to ssl/Makefile,
      ssl/fatalerrtest.c, test/Makefile.
    - CVE-2017-3737
  * SECURITY UPDATE: rsaz_1024_mul_avx2 overflow bug on x86_64
    - debian/patches/CVE-2017-3738.patch: fix digit correction bug in
      crypto/bn/asm/rsaz-avx2.pl.
    - CVE-2017-3738

applied/ubuntu/zesty-security 2017-12-11 19:23:59 UTC 2017-12-11
Import patches-applied version 1.0.2g-1ubuntu11.4 to applied/ubuntu/zesty-sec...

Author: Marc Deslauriers
Author Date: 2017-12-07 18:16:57 UTC

Import patches-applied version 1.0.2g-1ubuntu11.4 to applied/ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: cb19a38dca54f5678288c3fbbfebde45c9ea723c
Unapplied parent: 6de8b0ba0f530e92a56b9fbf650b28a214c6b299

New changelog entries:
  * SECURITY UPDATE: Read/write after SSL object in error state
    - debian/patches/CVE-2017-3737-pre.patch: add test/ssltestlib.*,
      add to test/Makefile.
    - debian/patches/CVE-2017-3737-1.patch: don't allow read/write after
      fatal error in ssl/ssl.h.
    - debian/patches/CVE-2017-3737-2.patch: add test to ssl/Makefile,
      ssl/fatalerrtest.c, test/Makefile.
    - CVE-2017-3737
  * SECURITY UPDATE: rsaz_1024_mul_avx2 overflow bug on x86_64
    - debian/patches/CVE-2017-3738.patch: fix digit correction bug in
      crypto/bn/asm/rsaz-avx2.pl.
    - CVE-2017-3738

ubuntu/zesty-security 2017-12-11 19:23:59 UTC 2017-12-11
Import patches-unapplied version 1.0.2g-1ubuntu11.4 to ubuntu/zesty-security

Author: Marc Deslauriers
Author Date: 2017-12-07 18:16:57 UTC

Import patches-unapplied version 1.0.2g-1ubuntu11.4 to ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: b031da8065b904a5d0c73e3b81597c7cfc392e0a

New changelog entries:
  * SECURITY UPDATE: Read/write after SSL object in error state
    - debian/patches/CVE-2017-3737-pre.patch: add test/ssltestlib.*,
      add to test/Makefile.
    - debian/patches/CVE-2017-3737-1.patch: don't allow read/write after
      fatal error in ssl/ssl.h.
    - debian/patches/CVE-2017-3737-2.patch: add test to ssl/Makefile,
      ssl/fatalerrtest.c, test/Makefile.
    - CVE-2017-3737
  * SECURITY UPDATE: rsaz_1024_mul_avx2 overflow bug on x86_64
    - debian/patches/CVE-2017-3738.patch: fix digit correction bug in
      crypto/bn/asm/rsaz-avx2.pl.
    - CVE-2017-3738

applied/ubuntu/xenial-proposed 2017-05-19 14:13:14 UTC 2017-05-19
Import patches-applied version 1.0.2g-1ubuntu4.8 to applied/ubuntu/xenial-pro...

Author: William Grant
Author Date: 2017-05-19 08:27:58 UTC

Import patches-applied version 1.0.2g-1ubuntu4.8 to applied/ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: b15e3fbcd9ef597fe9892f5d46f4e756938e0fdd
Unapplied parent: 9bc63c72afef18bc97db1170810066a70f1524b2

New changelog entries:
  * aes/asm/aesni-sha*-x86_64.pl: fix IV handling in SHAEXT paths.
    (LP: #1674399)

ubuntu/xenial-proposed 2017-05-19 14:13:14 UTC 2017-05-19
Import patches-unapplied version 1.0.2g-1ubuntu4.8 to ubuntu/xenial-proposed

Author: William Grant
Author Date: 2017-05-19 08:27:58 UTC

Import patches-unapplied version 1.0.2g-1ubuntu4.8 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 2a85a4b041f42290f2106ca9a4f25c833a1f9c1b

New changelog entries:
  * aes/asm/aesni-sha*-x86_64.pl: fix IV handling in SHAEXT paths.
    (LP: #1674399)

applied/ubuntu/yakkety-proposed 2017-05-19 14:08:16 UTC 2017-05-19
Import patches-applied version 1.0.2g-1ubuntu9.3 to applied/ubuntu/yakkety-pr...

Author: William Grant
Author Date: 2017-05-19 08:25:11 UTC

Import patches-applied version 1.0.2g-1ubuntu9.3 to applied/ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: eabdcfa8288f5feabd381b6f1fda574fa2aa3d46
Unapplied parent: bac528099278f1cef0f597dabb6a4e895c3ba2c1

New changelog entries:
  * aes/asm/aesni-sha*-x86_64.pl: fix IV handling in SHAEXT paths.
    (LP: #1674399)

applied/ubuntu/yakkety-updates 2017-05-19 14:08:16 UTC 2017-05-19
Import patches-applied version 1.0.2g-1ubuntu9.3 to applied/ubuntu/yakkety-pr...

Author: William Grant
Author Date: 2017-05-19 08:25:11 UTC

Import patches-applied version 1.0.2g-1ubuntu9.3 to applied/ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: eabdcfa8288f5feabd381b6f1fda574fa2aa3d46
Unapplied parent: bac528099278f1cef0f597dabb6a4e895c3ba2c1

New changelog entries:
  * aes/asm/aesni-sha*-x86_64.pl: fix IV handling in SHAEXT paths.
    (LP: #1674399)

ubuntu/yakkety-proposed 2017-05-19 14:08:16 UTC 2017-05-19
Import patches-unapplied version 1.0.2g-1ubuntu9.3 to ubuntu/yakkety-proposed

Author: William Grant
Author Date: 2017-05-19 08:25:11 UTC

Import patches-unapplied version 1.0.2g-1ubuntu9.3 to ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: a48015ebc5685a891ad42de09f80637625a3f16f

New changelog entries:
  * aes/asm/aesni-sha*-x86_64.pl: fix IV handling in SHAEXT paths.
    (LP: #1674399)

applied/ubuntu/yakkety-devel 2017-05-19 14:08:16 UTC 2017-05-19
Import patches-applied version 1.0.2g-1ubuntu9.3 to applied/ubuntu/yakkety-pr...

Author: William Grant
Author Date: 2017-05-19 08:25:11 UTC

Import patches-applied version 1.0.2g-1ubuntu9.3 to applied/ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: eabdcfa8288f5feabd381b6f1fda574fa2aa3d46
Unapplied parent: bac528099278f1cef0f597dabb6a4e895c3ba2c1

New changelog entries:
  * aes/asm/aesni-sha*-x86_64.pl: fix IV handling in SHAEXT paths.
    (LP: #1674399)

ubuntu/yakkety-updates 2017-05-19 14:08:16 UTC 2017-05-19
Import patches-unapplied version 1.0.2g-1ubuntu9.3 to ubuntu/yakkety-proposed

Author: William Grant
Author Date: 2017-05-19 08:25:11 UTC

Import patches-unapplied version 1.0.2g-1ubuntu9.3 to ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: a48015ebc5685a891ad42de09f80637625a3f16f

New changelog entries:
  * aes/asm/aesni-sha*-x86_64.pl: fix IV handling in SHAEXT paths.
    (LP: #1674399)

ubuntu/yakkety-devel 2017-05-19 14:08:16 UTC 2017-05-19
Import patches-unapplied version 1.0.2g-1ubuntu9.3 to ubuntu/yakkety-proposed

Author: William Grant
Author Date: 2017-05-19 08:25:11 UTC

Import patches-unapplied version 1.0.2g-1ubuntu9.3 to ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: a48015ebc5685a891ad42de09f80637625a3f16f

New changelog entries:
  * aes/asm/aesni-sha*-x86_64.pl: fix IV handling in SHAEXT paths.
    (LP: #1674399)

ubuntu/zesty-proposed 2017-05-19 13:58:12 UTC 2017-05-19
Import patches-unapplied version 1.0.2g-1ubuntu11.2 to ubuntu/zesty-proposed

Author: William Grant
Author Date: 2017-05-19 08:29:44 UTC

Import patches-unapplied version 1.0.2g-1ubuntu11.2 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 2e5180b49c69fd353e3c225dc6b9b70fb99c4081

New changelog entries:
  * aes/asm/aesni-sha*-x86_64.pl: fix IV handling in SHAEXT paths.
    (LP: #1674399)

applied/ubuntu/zesty-proposed 2017-05-19 13:58:12 UTC 2017-05-19
Import patches-applied version 1.0.2g-1ubuntu11.2 to applied/ubuntu/zesty-pro...

Author: William Grant
Author Date: 2017-05-19 08:29:44 UTC

Import patches-applied version 1.0.2g-1ubuntu11.2 to applied/ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: f3879503d49e9adcbe140175f755f4298578c62a
Unapplied parent: a84e691d688f45a22c43d6e59f6a6c529165fbbd

New changelog entries:
  * aes/asm/aesni-sha*-x86_64.pl: fix IV handling in SHAEXT paths.
    (LP: #1674399)

ubuntu/artful 2017-05-19 13:13:19 UTC 2017-05-19
Import patches-unapplied version 1.0.2g-1ubuntu13 to ubuntu/artful-proposed

Author: William Grant
Author Date: 2017-05-19 08:31:50 UTC

Import patches-unapplied version 1.0.2g-1ubuntu13 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: f3cdd9f5d72668fda74a2dcb46884ffc8a376251

New changelog entries:
  * aes/asm/aesni-sha*-x86_64.pl: fix IV handling in SHAEXT paths.
    (LP: #1674399)

applied/ubuntu/artful-proposed 2017-05-19 13:13:19 UTC 2017-05-19
Import patches-applied version 1.0.2g-1ubuntu13 to applied/ubuntu/artful-prop...

Author: William Grant
Author Date: 2017-05-19 08:31:50 UTC

Import patches-applied version 1.0.2g-1ubuntu13 to applied/ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: 63e0192e22ace22d7f2b786aa039f3bde0bf4ced
Unapplied parent: cbb693c4127fe392e13a9bdd3db7761d66e19a7a

New changelog entries:
  * aes/asm/aesni-sha*-x86_64.pl: fix IV handling in SHAEXT paths.
    (LP: #1674399)

ubuntu/artful-proposed 2017-05-19 13:13:19 UTC 2017-05-19
Import patches-unapplied version 1.0.2g-1ubuntu13 to ubuntu/artful-proposed

Author: William Grant
Author Date: 2017-05-19 08:31:50 UTC

Import patches-unapplied version 1.0.2g-1ubuntu13 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: f3cdd9f5d72668fda74a2dcb46884ffc8a376251

New changelog entries:
  * aes/asm/aesni-sha*-x86_64.pl: fix IV handling in SHAEXT paths.
    (LP: #1674399)

applied/ubuntu/artful 2017-05-19 13:13:19 UTC 2017-05-19
Import patches-applied version 1.0.2g-1ubuntu13 to applied/ubuntu/artful-prop...

Author: William Grant
Author Date: 2017-05-19 08:31:50 UTC

Import patches-applied version 1.0.2g-1ubuntu13 to applied/ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: 63e0192e22ace22d7f2b786aa039f3bde0bf4ced
Unapplied parent: cbb693c4127fe392e13a9bdd3db7761d66e19a7a

New changelog entries:
  * aes/asm/aesni-sha*-x86_64.pl: fix IV handling in SHAEXT paths.
    (LP: #1674399)

ubuntu/yakkety-security 2017-01-31 17:43:30 UTC 2017-01-31
Import patches-unapplied version 1.0.2g-1ubuntu9.1 to ubuntu/yakkety-security

Author: Marc Deslauriers
Author Date: 2017-01-30 14:55:10 UTC

Import patches-unapplied version 1.0.2g-1ubuntu9.1 to ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 1c6db8d529e71e4f589f503db2dc5977e31cbf6a

New changelog entries:
  * SECURITY UPDATE: Montgomery multiplication may produce incorrect
    results
    - debian/patches/CVE-2016-7055.patch: fix logic in
      crypto/bn/asm/x86_64-mont.pl.
    - CVE-2016-7055
  * SECURITY UPDATE: DoS via warning alerts
    - debian/patches/CVE-2016-8610.patch: don't allow too many consecutive
      warning alerts in ssl/d1_pkt.c, ssl/s3_pkt.c, ssl/ssl.h,
      ssl/ssl_locl.h.
    - debian/patches/CVE-2016-8610-2.patch: fail if an unrecognised record
      type is received in ssl/s3_pkt.c.
    - CVE-2016-8610
  * SECURITY UPDATE: Truncated packet could crash via OOB read
    - debian/patches/CVE-2017-3731.patch: harden RC4_MD5 cipher in
      crypto/evp/e_rc4_hmac_md5.c.
    - CVE-2017-3731
  * SECURITY UPDATE: BN_mod_exp may produce incorrect results on x86_64
    - debian/patches/CVE-2017-3732.patch: fix carry bug in
      bn_sqr8x_internal in crypto/bn/asm/x86_64-mont5.pl.
    - CVE-2017-3732

ubuntu/precise-updates 2017-01-31 17:43:30 UTC 2017-01-31
Import patches-unapplied version 1.0.1-4ubuntu5.39 to ubuntu/precise-security

Author: Marc Deslauriers
Author Date: 2017-01-30 19:30:36 UTC

Import patches-unapplied version 1.0.1-4ubuntu5.39 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 82a89004c586499a6eea19659cf0054de87c5b57

New changelog entries:
  * SECURITY UPDATE: Pointer arithmetic undefined behaviour
    - debian/patches/CVE-2016-2177-pre.patch: check for ClientHello message
      overruns in ssl/s3_srvr.c.
    - debian/patches/CVE-2016-2177-pre2.patch: validate ClientHello
      extension field length in ssl/t1_lib.c.
    - debian/patches/CVE-2016-2177-pre3.patch: pass in a limit rather than
      calculate it in ssl/s3_srvr.c, ssl/ssl_locl.h, ssl/t1_lib.c.
    - debian/patches/CVE-2016-2177.patch: avoid undefined pointer
      arithmetic in ssl/s3_srvr.c, ssl/t1_lib.c,
    - CVE-2016-2177
  * SECURITY UPDATE: ECDSA P-256 timing attack key recovery
    - debian/patches/CVE-2016-7056.patch: use BN_mod_exp_mont_consttime in
      crypto/ec/ec.h, crypto/ec/ec_lcl.h, crypto/ec/ec_lib.c,
      crypto/ecdsa/ecs_ossl.c.
    - CVE-2016-7056
  * SECURITY UPDATE: DoS via warning alerts
    - debian/patches/CVE-2016-8610.patch: don't allow too many consecutive
      warning alerts in ssl/d1_pkt.c, ssl/s3_pkt.c, ssl/ssl.h,
      ssl/ssl_locl.h.
    - debian/patches/CVE-2016-8610-2.patch: fail if an unrecognised record
      type is received in ssl/s3_pkt.c.
    - CVE-2016-8610
  * SECURITY UPDATE: Truncated packet could crash via OOB read
    - debian/patches/CVE-2017-3731-pre.patch: sanity check
      EVP_CTRL_AEAD_TLS_AAD in crypto/evp/e_aes.c,
      crypto/evp/e_aes_cbc_hmac_sha1.c, crypto/evp/e_rc4_hmac_md5.c,
      crypto/evp/evp.h, ssl/t1_enc.c.
    - debian/patches/CVE-2017-3731.patch: harden RC4_MD5 cipher in
      crypto/evp/e_rc4_hmac_md5.c.
    - CVE-2017-3731

ubuntu/precise-devel 2017-01-31 17:43:30 UTC 2017-01-31
Import patches-unapplied version 1.0.1-4ubuntu5.39 to ubuntu/precise-security

Author: Marc Deslauriers
Author Date: 2017-01-30 19:30:36 UTC

Import patches-unapplied version 1.0.1-4ubuntu5.39 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 82a89004c586499a6eea19659cf0054de87c5b57

New changelog entries:
  * SECURITY UPDATE: Pointer arithmetic undefined behaviour
    - debian/patches/CVE-2016-2177-pre.patch: check for ClientHello message
      overruns in ssl/s3_srvr.c.
    - debian/patches/CVE-2016-2177-pre2.patch: validate ClientHello
      extension field length in ssl/t1_lib.c.
    - debian/patches/CVE-2016-2177-pre3.patch: pass in a limit rather than
      calculate it in ssl/s3_srvr.c, ssl/ssl_locl.h, ssl/t1_lib.c.
    - debian/patches/CVE-2016-2177.patch: avoid undefined pointer
      arithmetic in ssl/s3_srvr.c, ssl/t1_lib.c,
    - CVE-2016-2177
  * SECURITY UPDATE: ECDSA P-256 timing attack key recovery
    - debian/patches/CVE-2016-7056.patch: use BN_mod_exp_mont_consttime in
      crypto/ec/ec.h, crypto/ec/ec_lcl.h, crypto/ec/ec_lib.c,
      crypto/ecdsa/ecs_ossl.c.
    - CVE-2016-7056
  * SECURITY UPDATE: DoS via warning alerts
    - debian/patches/CVE-2016-8610.patch: don't allow too many consecutive
      warning alerts in ssl/d1_pkt.c, ssl/s3_pkt.c, ssl/ssl.h,
      ssl/ssl_locl.h.
    - debian/patches/CVE-2016-8610-2.patch: fail if an unrecognised record
      type is received in ssl/s3_pkt.c.
    - CVE-2016-8610
  * SECURITY UPDATE: Truncated packet could crash via OOB read
    - debian/patches/CVE-2017-3731-pre.patch: sanity check
      EVP_CTRL_AEAD_TLS_AAD in crypto/evp/e_aes.c,
      crypto/evp/e_aes_cbc_hmac_sha1.c, crypto/evp/e_rc4_hmac_md5.c,
      crypto/evp/evp.h, ssl/t1_enc.c.
    - debian/patches/CVE-2017-3731.patch: harden RC4_MD5 cipher in
      crypto/evp/e_rc4_hmac_md5.c.
    - CVE-2017-3731

ubuntu/precise-security 2017-01-31 17:43:30 UTC 2017-01-31
Import patches-unapplied version 1.0.1-4ubuntu5.39 to ubuntu/precise-security

Author: Marc Deslauriers
Author Date: 2017-01-30 19:30:36 UTC

Import patches-unapplied version 1.0.1-4ubuntu5.39 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 82a89004c586499a6eea19659cf0054de87c5b57

New changelog entries:
  * SECURITY UPDATE: Pointer arithmetic undefined behaviour
    - debian/patches/CVE-2016-2177-pre.patch: check for ClientHello message
      overruns in ssl/s3_srvr.c.
    - debian/patches/CVE-2016-2177-pre2.patch: validate ClientHello
      extension field length in ssl/t1_lib.c.
    - debian/patches/CVE-2016-2177-pre3.patch: pass in a limit rather than
      calculate it in ssl/s3_srvr.c, ssl/ssl_locl.h, ssl/t1_lib.c.
    - debian/patches/CVE-2016-2177.patch: avoid undefined pointer
      arithmetic in ssl/s3_srvr.c, ssl/t1_lib.c,
    - CVE-2016-2177
  * SECURITY UPDATE: ECDSA P-256 timing attack key recovery
    - debian/patches/CVE-2016-7056.patch: use BN_mod_exp_mont_consttime in
      crypto/ec/ec.h, crypto/ec/ec_lcl.h, crypto/ec/ec_lib.c,
      crypto/ecdsa/ecs_ossl.c.
    - CVE-2016-7056
  * SECURITY UPDATE: DoS via warning alerts
    - debian/patches/CVE-2016-8610.patch: don't allow too many consecutive
      warning alerts in ssl/d1_pkt.c, ssl/s3_pkt.c, ssl/ssl.h,
      ssl/ssl_locl.h.
    - debian/patches/CVE-2016-8610-2.patch: fail if an unrecognised record
      type is received in ssl/s3_pkt.c.
    - CVE-2016-8610
  * SECURITY UPDATE: Truncated packet could crash via OOB read
    - debian/patches/CVE-2017-3731-pre.patch: sanity check
      EVP_CTRL_AEAD_TLS_AAD in crypto/evp/e_aes.c,
      crypto/evp/e_aes_cbc_hmac_sha1.c, crypto/evp/e_rc4_hmac_md5.c,
      crypto/evp/evp.h, ssl/t1_enc.c.
    - debian/patches/CVE-2017-3731.patch: harden RC4_MD5 cipher in
      crypto/evp/e_rc4_hmac_md5.c.
    - CVE-2017-3731

applied/ubuntu/precise-updates 2017-01-31 17:43:30 UTC 2017-01-31
Import patches-applied version 1.0.1-4ubuntu5.39 to applied/ubuntu/precise-se...

Author: Marc Deslauriers
Author Date: 2017-01-30 19:30:36 UTC

Import patches-applied version 1.0.1-4ubuntu5.39 to applied/ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 12d1e853c5b11fc4cda49470581f216e95dbd2a8
Unapplied parent: 5f929762255950fc32fc232ed526c344e884ab68

New changelog entries:
  * SECURITY UPDATE: Pointer arithmetic undefined behaviour
    - debian/patches/CVE-2016-2177-pre.patch: check for ClientHello message
      overruns in ssl/s3_srvr.c.
    - debian/patches/CVE-2016-2177-pre2.patch: validate ClientHello
      extension field length in ssl/t1_lib.c.
    - debian/patches/CVE-2016-2177-pre3.patch: pass in a limit rather than
      calculate it in ssl/s3_srvr.c, ssl/ssl_locl.h, ssl/t1_lib.c.
    - debian/patches/CVE-2016-2177.patch: avoid undefined pointer
      arithmetic in ssl/s3_srvr.c, ssl/t1_lib.c,
    - CVE-2016-2177
  * SECURITY UPDATE: ECDSA P-256 timing attack key recovery
    - debian/patches/CVE-2016-7056.patch: use BN_mod_exp_mont_consttime in
      crypto/ec/ec.h, crypto/ec/ec_lcl.h, crypto/ec/ec_lib.c,
      crypto/ecdsa/ecs_ossl.c.
    - CVE-2016-7056
  * SECURITY UPDATE: DoS via warning alerts
    - debian/patches/CVE-2016-8610.patch: don't allow too many consecutive
      warning alerts in ssl/d1_pkt.c, ssl/s3_pkt.c, ssl/ssl.h,
      ssl/ssl_locl.h.
    - debian/patches/CVE-2016-8610-2.patch: fail if an unrecognised record
      type is received in ssl/s3_pkt.c.
    - CVE-2016-8610
  * SECURITY UPDATE: Truncated packet could crash via OOB read
    - debian/patches/CVE-2017-3731-pre.patch: sanity check
      EVP_CTRL_AEAD_TLS_AAD in crypto/evp/e_aes.c,
      crypto/evp/e_aes_cbc_hmac_sha1.c, crypto/evp/e_rc4_hmac_md5.c,
      crypto/evp/evp.h, ssl/t1_enc.c.
    - debian/patches/CVE-2017-3731.patch: harden RC4_MD5 cipher in
      crypto/evp/e_rc4_hmac_md5.c.
    - CVE-2017-3731

applied/ubuntu/precise-security 2017-01-31 17:43:30 UTC 2017-01-31
Import patches-applied version 1.0.1-4ubuntu5.39 to applied/ubuntu/precise-se...

Author: Marc Deslauriers
Author Date: 2017-01-30 19:30:36 UTC

Import patches-applied version 1.0.1-4ubuntu5.39 to applied/ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 12d1e853c5b11fc4cda49470581f216e95dbd2a8
Unapplied parent: 5f929762255950fc32fc232ed526c344e884ab68

New changelog entries:
  * SECURITY UPDATE: Pointer arithmetic undefined behaviour
    - debian/patches/CVE-2016-2177-pre.patch: check for ClientHello message
      overruns in ssl/s3_srvr.c.
    - debian/patches/CVE-2016-2177-pre2.patch: validate ClientHello
      extension field length in ssl/t1_lib.c.
    - debian/patches/CVE-2016-2177-pre3.patch: pass in a limit rather than
      calculate it in ssl/s3_srvr.c, ssl/ssl_locl.h, ssl/t1_lib.c.
    - debian/patches/CVE-2016-2177.patch: avoid undefined pointer
      arithmetic in ssl/s3_srvr.c, ssl/t1_lib.c,
    - CVE-2016-2177
  * SECURITY UPDATE: ECDSA P-256 timing attack key recovery
    - debian/patches/CVE-2016-7056.patch: use BN_mod_exp_mont_consttime in
      crypto/ec/ec.h, crypto/ec/ec_lcl.h, crypto/ec/ec_lib.c,
      crypto/ecdsa/ecs_ossl.c.
    - CVE-2016-7056
  * SECURITY UPDATE: DoS via warning alerts
    - debian/patches/CVE-2016-8610.patch: don't allow too many consecutive
      warning alerts in ssl/d1_pkt.c, ssl/s3_pkt.c, ssl/ssl.h,
      ssl/ssl_locl.h.
    - debian/patches/CVE-2016-8610-2.patch: fail if an unrecognised record
      type is received in ssl/s3_pkt.c.
    - CVE-2016-8610
  * SECURITY UPDATE: Truncated packet could crash via OOB read
    - debian/patches/CVE-2017-3731-pre.patch: sanity check
      EVP_CTRL_AEAD_TLS_AAD in crypto/evp/e_aes.c,
      crypto/evp/e_aes_cbc_hmac_sha1.c, crypto/evp/e_rc4_hmac_md5.c,
      crypto/evp/evp.h, ssl/t1_enc.c.
    - debian/patches/CVE-2017-3731.patch: harden RC4_MD5 cipher in
      crypto/evp/e_rc4_hmac_md5.c.
    - CVE-2017-3731

applied/ubuntu/precise-devel 2017-01-31 17:43:30 UTC 2017-01-31
Import patches-applied version 1.0.1-4ubuntu5.39 to applied/ubuntu/precise-se...

Author: Marc Deslauriers
Author Date: 2017-01-30 19:30:36 UTC

Import patches-applied version 1.0.1-4ubuntu5.39 to applied/ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 12d1e853c5b11fc4cda49470581f216e95dbd2a8
Unapplied parent: 5f929762255950fc32fc232ed526c344e884ab68

New changelog entries:
  * SECURITY UPDATE: Pointer arithmetic undefined behaviour
    - debian/patches/CVE-2016-2177-pre.patch: check for ClientHello message
      overruns in ssl/s3_srvr.c.
    - debian/patches/CVE-2016-2177-pre2.patch: validate ClientHello
      extension field length in ssl/t1_lib.c.
    - debian/patches/CVE-2016-2177-pre3.patch: pass in a limit rather than
      calculate it in ssl/s3_srvr.c, ssl/ssl_locl.h, ssl/t1_lib.c.
    - debian/patches/CVE-2016-2177.patch: avoid undefined pointer
      arithmetic in ssl/s3_srvr.c, ssl/t1_lib.c,
    - CVE-2016-2177
  * SECURITY UPDATE: ECDSA P-256 timing attack key recovery
    - debian/patches/CVE-2016-7056.patch: use BN_mod_exp_mont_consttime in
      crypto/ec/ec.h, crypto/ec/ec_lcl.h, crypto/ec/ec_lib.c,
      crypto/ecdsa/ecs_ossl.c.
    - CVE-2016-7056
  * SECURITY UPDATE: DoS via warning alerts
    - debian/patches/CVE-2016-8610.patch: don't allow too many consecutive
      warning alerts in ssl/d1_pkt.c, ssl/s3_pkt.c, ssl/ssl.h,
      ssl/ssl_locl.h.
    - debian/patches/CVE-2016-8610-2.patch: fail if an unrecognised record
      type is received in ssl/s3_pkt.c.
    - CVE-2016-8610
  * SECURITY UPDATE: Truncated packet could crash via OOB read
    - debian/patches/CVE-2017-3731-pre.patch: sanity check
      EVP_CTRL_AEAD_TLS_AAD in crypto/evp/e_aes.c,
      crypto/evp/e_aes_cbc_hmac_sha1.c, crypto/evp/e_rc4_hmac_md5.c,
      crypto/evp/evp.h, ssl/t1_enc.c.
    - debian/patches/CVE-2017-3731.patch: harden RC4_MD5 cipher in
      crypto/evp/e_rc4_hmac_md5.c.
    - CVE-2017-3731

applied/ubuntu/yakkety-security 2017-01-31 17:43:30 UTC 2017-01-31
Import patches-applied version 1.0.2g-1ubuntu9.1 to applied/ubuntu/yakkety-se...

Author: Marc Deslauriers
Author Date: 2017-01-30 14:55:10 UTC

Import patches-applied version 1.0.2g-1ubuntu9.1 to applied/ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 8cef225e7dc91c4930927a19bd7d27bf0e0935a4
Unapplied parent: 9718a07f0f35cf7927593ecd7d81038530ceac5b

New changelog entries:
  * SECURITY UPDATE: Montgomery multiplication may produce incorrect
    results
    - debian/patches/CVE-2016-7055.patch: fix logic in
      crypto/bn/asm/x86_64-mont.pl.
    - CVE-2016-7055
  * SECURITY UPDATE: DoS via warning alerts
    - debian/patches/CVE-2016-8610.patch: don't allow too many consecutive
      warning alerts in ssl/d1_pkt.c, ssl/s3_pkt.c, ssl/ssl.h,
      ssl/ssl_locl.h.
    - debian/patches/CVE-2016-8610-2.patch: fail if an unrecognised record
      type is received in ssl/s3_pkt.c.
    - CVE-2016-8610
  * SECURITY UPDATE: Truncated packet could crash via OOB read
    - debian/patches/CVE-2017-3731.patch: harden RC4_MD5 cipher in
      crypto/evp/e_rc4_hmac_md5.c.
    - CVE-2017-3731
  * SECURITY UPDATE: BN_mod_exp may produce incorrect results on x86_64
    - debian/patches/CVE-2017-3732.patch: fix carry bug in
      bn_sqr8x_internal in crypto/bn/asm/x86_64-mont5.pl.
    - CVE-2017-3732

applied/ubuntu/zesty 2017-01-30 15:23:15 UTC 2017-01-30
Import patches-applied version 1.0.2g-1ubuntu11 to applied/ubuntu/zesty-proposed

Author: Marc Deslauriers
Author Date: 2017-01-30 14:00:43 UTC

Import patches-applied version 1.0.2g-1ubuntu11 to applied/ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: d37b0f197a9c24775917a56ffa6719a6a7e82589
Unapplied parent: f8fab09f2faa168f66c377a5f43055091afdf589

New changelog entries:
  * SECURITY UPDATE: Montgomery multiplication may produce incorrect
    results
    - debian/patches/CVE-2016-7055.patch: fix logic in
      crypto/bn/asm/x86_64-mont.pl.
    - CVE-2016-7055
  * SECURITY UPDATE: DoS via warning alerts
    - debian/patches/CVE-2016-8610.patch: don't allow too many consecutive
      warning alerts in ssl/d1_pkt.c, ssl/s3_pkt.c, ssl/ssl.h,
      ssl/ssl_locl.h.
    - debian/patches/CVE-2016-8610-2.patch: fail if an unrecognised record
      type is received in ssl/s3_pkt.c.
    - CVE-2016-8610
  * SECURITY UPDATE: Truncated packet could crash via OOB read
    - debian/patches/CVE-2017-3731.patch: harden RC4_MD5 cipher in
      crypto/evp/e_rc4_hmac_md5.c.
    - CVE-2017-3731
  * SECURITY UPDATE: BN_mod_exp may produce incorrect results on x86_64
    - debian/patches/CVE-2017-3732.patch: fix carry bug in
      bn_sqr8x_internal in crypto/bn/asm/x86_64-mont5.pl.
    - CVE-2017-3732

ubuntu/zesty 2017-01-30 15:23:15 UTC 2017-01-30
Import patches-unapplied version 1.0.2g-1ubuntu11 to ubuntu/zesty-proposed

Author: Marc Deslauriers
Author Date: 2017-01-30 14:00:43 UTC

Import patches-unapplied version 1.0.2g-1ubuntu11 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 98d8c30245067bdceeac22e108898093f94c5bf4

New changelog entries:
  * SECURITY UPDATE: Montgomery multiplication may produce incorrect
    results
    - debian/patches/CVE-2016-7055.patch: fix logic in
      crypto/bn/asm/x86_64-mont.pl.
    - CVE-2016-7055
  * SECURITY UPDATE: DoS via warning alerts
    - debian/patches/CVE-2016-8610.patch: don't allow too many consecutive
      warning alerts in ssl/d1_pkt.c, ssl/s3_pkt.c, ssl/ssl.h,
      ssl/ssl_locl.h.
    - debian/patches/CVE-2016-8610-2.patch: fail if an unrecognised record
      type is received in ssl/s3_pkt.c.
    - CVE-2016-8610
  * SECURITY UPDATE: Truncated packet could crash via OOB read
    - debian/patches/CVE-2017-3731.patch: harden RC4_MD5 cipher in
      crypto/evp/e_rc4_hmac_md5.c.
    - CVE-2017-3731
  * SECURITY UPDATE: BN_mod_exp may produce incorrect results on x86_64
    - debian/patches/CVE-2017-3732.patch: fix carry bug in
      bn_sqr8x_internal in crypto/bn/asm/x86_64-mont5.pl.
    - CVE-2017-3732

ubuntu/yakkety 2016-09-23 17:54:16 UTC 2016-09-23
Import patches-unapplied version 1.0.2g-1ubuntu9 to ubuntu/yakkety-proposed

Author: Marc Deslauriers
Author Date: 2016-09-23 15:00:22 UTC

Import patches-unapplied version 1.0.2g-1ubuntu9 to ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: 579a024561e4adc6e476084731c798563c0b98ca

New changelog entries:
  * SECURITY UPDATE: Pointer arithmetic undefined behaviour
    - debian/patches/CVE-2016-2177.patch: avoid undefined pointer
      arithmetic in ssl/s3_srvr.c, ssl/ssl_sess.c, ssl/t1_lib.c.
    - CVE-2016-2177
  * SECURITY UPDATE: Constant time flag not preserved in DSA signing
    - debian/patches/CVE-2016-2178-*.patch: preserve BN_FLG_CONSTTIME in
      crypto/dsa/dsa_ossl.c.
    - CVE-2016-2178
  * SECURITY UPDATE: DTLS buffered message DoS
    - debian/patches/CVE-2016-2179.patch: fix queue handling in
      ssl/d1_both.c, ssl/d1_clnt.c, ssl/d1_lib.c, ssl/d1_srvr.c,
      ssl/ssl_locl.h.
    - CVE-2016-2179
  * SECURITY UPDATE: OOB read in TS_OBJ_print_bio()
    - debian/patches/CVE-2016-2180.patch: fix text handling in
      crypto/ts/ts_lib.c.
    - CVE-2016-2180
  * SECURITY UPDATE: DTLS replay protection DoS
    - debian/patches/CVE-2016-2181-1.patch: properly handle unprocessed
      records in ssl/d1_pkt.c.
    - debian/patches/CVE-2016-2181-2.patch: protect against replay attacks
      in ssl/d1_pkt.c, ssl/ssl.h, ssl/ssl_err.c.
    - debian/patches/CVE-2016-2181-3.patch: update error code in ssl/ssl.h.
    - CVE-2016-2181
  * SECURITY UPDATE: OOB write in BN_bn2dec()
    - debian/patches/CVE-2016-2182.patch: don't overflow buffer in
      crypto/bn/bn_print.c.
    - debian/patches/CVE-2016-2182-2.patch: fix off-by-one in overflow
      check in crypto/bn/bn_print.c.
    - CVE-2016-2182
  * SECURITY UPDATE: SWEET32 Mitigation
    - debian/patches/CVE-2016-2183.patch: move DES ciphersuites from HIGH
      to MEDIUM in ssl/s3_lib.c.
    - CVE-2016-2183
  * SECURITY UPDATE: Malformed SHA512 ticket DoS
    - debian/patches/CVE-2016-6302.patch: sanity check ticket length in
      ssl/t1_lib.c.
    - CVE-2016-6302
  * SECURITY UPDATE: OOB write in MDC2_Update()
    - debian/patches/CVE-2016-6303.patch: avoid overflow in
      crypto/mdc2/mdc2dgst.c.
    - CVE-2016-6303
  * SECURITY UPDATE: OCSP Status Request extension unbounded memory growth
    - debian/patches/CVE-2016-6304.patch: remove OCSP_RESPIDs from previous
      handshake in ssl/t1_lib.c.
    - CVE-2016-6304
  * SECURITY UPDATE: Certificate message OOB reads
    - debian/patches/CVE-2016-6306-1.patch: check lengths in ssl/s3_clnt.c,
      ssl/s3_srvr.c.
    - debian/patches/CVE-2016-6306-2.patch: make message buffer slightly
      larger in ssl/d1_both.c, ssl/s3_both.c.
    - CVE-2016-6306

applied/ubuntu/yakkety 2016-09-23 17:54:16 UTC 2016-09-23
Import patches-applied version 1.0.2g-1ubuntu9 to applied/ubuntu/yakkety-prop...

Author: Marc Deslauriers
Author Date: 2016-09-23 15:00:22 UTC

Import patches-applied version 1.0.2g-1ubuntu9 to applied/ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: 0591e4c10130de4507944c106eea8cc877aa4385
Unapplied parent: 26ea7eab9cbe501d0c850e9585721e903f212f05

New changelog entries:
  * SECURITY UPDATE: Pointer arithmetic undefined behaviour
    - debian/patches/CVE-2016-2177.patch: avoid undefined pointer
      arithmetic in ssl/s3_srvr.c, ssl/ssl_sess.c, ssl/t1_lib.c.
    - CVE-2016-2177
  * SECURITY UPDATE: Constant time flag not preserved in DSA signing
    - debian/patches/CVE-2016-2178-*.patch: preserve BN_FLG_CONSTTIME in
      crypto/dsa/dsa_ossl.c.
    - CVE-2016-2178
  * SECURITY UPDATE: DTLS buffered message DoS
    - debian/patches/CVE-2016-2179.patch: fix queue handling in
      ssl/d1_both.c, ssl/d1_clnt.c, ssl/d1_lib.c, ssl/d1_srvr.c,
      ssl/ssl_locl.h.
    - CVE-2016-2179
  * SECURITY UPDATE: OOB read in TS_OBJ_print_bio()
    - debian/patches/CVE-2016-2180.patch: fix text handling in
      crypto/ts/ts_lib.c.
    - CVE-2016-2180
  * SECURITY UPDATE: DTLS replay protection DoS
    - debian/patches/CVE-2016-2181-1.patch: properly handle unprocessed
      records in ssl/d1_pkt.c.
    - debian/patches/CVE-2016-2181-2.patch: protect against replay attacks
      in ssl/d1_pkt.c, ssl/ssl.h, ssl/ssl_err.c.
    - debian/patches/CVE-2016-2181-3.patch: update error code in ssl/ssl.h.
    - CVE-2016-2181
  * SECURITY UPDATE: OOB write in BN_bn2dec()
    - debian/patches/CVE-2016-2182.patch: don't overflow buffer in
      crypto/bn/bn_print.c.
    - debian/patches/CVE-2016-2182-2.patch: fix off-by-one in overflow
      check in crypto/bn/bn_print.c.
    - CVE-2016-2182
  * SECURITY UPDATE: SWEET32 Mitigation
    - debian/patches/CVE-2016-2183.patch: move DES ciphersuites from HIGH
      to MEDIUM in ssl/s3_lib.c.
    - CVE-2016-2183
  * SECURITY UPDATE: Malformed SHA512 ticket DoS
    - debian/patches/CVE-2016-6302.patch: sanity check ticket length in
      ssl/t1_lib.c.
    - CVE-2016-6302
  * SECURITY UPDATE: OOB write in MDC2_Update()
    - debian/patches/CVE-2016-6303.patch: avoid overflow in
      crypto/mdc2/mdc2dgst.c.
    - CVE-2016-6303
  * SECURITY UPDATE: OCSP Status Request extension unbounded memory growth
    - debian/patches/CVE-2016-6304.patch: remove OCSP_RESPIDs from previous
      handshake in ssl/t1_lib.c.
    - CVE-2016-6304
  * SECURITY UPDATE: Certificate message OOB reads
    - debian/patches/CVE-2016-6306-1.patch: check lengths in ssl/s3_clnt.c,
      ssl/s3_srvr.c.
    - debian/patches/CVE-2016-6306-2.patch: make message buffer slightly
      larger in ssl/d1_both.c, ssl/s3_both.c.
    - CVE-2016-6306

applied/ubuntu/wily-updates 2016-05-03 14:43:51 UTC 2016-05-03
Import patches-applied version 1.0.2d-0ubuntu1.5 to applied/ubuntu/wily-security

Author: Marc Deslauriers
Author Date: 2016-04-28 14:00:31 UTC

Import patches-applied version 1.0.2d-0ubuntu1.5 to applied/ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: 8aaa181725e121c72f35b02f76e8d304454bc867
Unapplied parent: 37ad5bf7b61ff26171be3b29a673c6b3a54d2f8b

New changelog entries:
  * SECURITY UPDATE: EVP_EncodeUpdate overflow
    - debian/patches/CVE-2016-2105.patch: properly check lengths in
      crypto/evp/encode.c, add documentation to
      doc/crypto/EVP_EncodeInit.pod, doc/crypto/evp.pod.
    - CVE-2016-2105
  * SECURITY UPDATE: EVP_EncryptUpdate overflow
    - debian/patches/CVE-2016-2106.patch: fix overflow in
      crypto/evp/evp_enc.c.
    - CVE-2016-2106
  * SECURITY UPDATE: Padding oracle in AES-NI CBC MAC check
    - debian/patches/CVE-2016-2107.patch: check that there are enough
      padding characters in crypto/evp/e_aes_cbc_hmac_sha1.c,
      crypto/evp/e_aes_cbc_hmac_sha256.c.
    - CVE-2016-2107
  * SECURITY UPDATE: Memory corruption in the ASN.1 encoder
    - debian/patches/CVE-2016-2108.patch: fix ASN1_INTEGER handling in
      crypto/asn1/a_type.c, crypto/asn1/asn1.h, crypto/asn1/tasn_dec.c,
      crypto/asn1/tasn_enc.c.
    - CVE-2016-2108
  * SECURITY UPDATE: ASN.1 BIO excessive memory allocation
    - debian/patches/CVE-2016-2109.patch: properly handle large amounts of
      data in crypto/asn1/a_d2i_fp.c.
    - CVE-2016-2109
  * debian/patches/min_1024_dh_size.patch: change minimum DH size from 768
    to 1024.

applied/ubuntu/wily-devel 2016-05-03 14:43:51 UTC 2016-05-03
Import patches-applied version 1.0.2d-0ubuntu1.5 to applied/ubuntu/wily-security

Author: Marc Deslauriers
Author Date: 2016-04-28 14:00:31 UTC

Import patches-applied version 1.0.2d-0ubuntu1.5 to applied/ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: 8aaa181725e121c72f35b02f76e8d304454bc867
Unapplied parent: 37ad5bf7b61ff26171be3b29a673c6b3a54d2f8b

New changelog entries:
  * SECURITY UPDATE: EVP_EncodeUpdate overflow
    - debian/patches/CVE-2016-2105.patch: properly check lengths in
      crypto/evp/encode.c, add documentation to
      doc/crypto/EVP_EncodeInit.pod, doc/crypto/evp.pod.
    - CVE-2016-2105
  * SECURITY UPDATE: EVP_EncryptUpdate overflow
    - debian/patches/CVE-2016-2106.patch: fix overflow in
      crypto/evp/evp_enc.c.
    - CVE-2016-2106
  * SECURITY UPDATE: Padding oracle in AES-NI CBC MAC check
    - debian/patches/CVE-2016-2107.patch: check that there are enough
      padding characters in crypto/evp/e_aes_cbc_hmac_sha1.c,
      crypto/evp/e_aes_cbc_hmac_sha256.c.
    - CVE-2016-2107
  * SECURITY UPDATE: Memory corruption in the ASN.1 encoder
    - debian/patches/CVE-2016-2108.patch: fix ASN1_INTEGER handling in
      crypto/asn1/a_type.c, crypto/asn1/asn1.h, crypto/asn1/tasn_dec.c,
      crypto/asn1/tasn_enc.c.
    - CVE-2016-2108
  * SECURITY UPDATE: ASN.1 BIO excessive memory allocation
    - debian/patches/CVE-2016-2109.patch: properly handle large amounts of
      data in crypto/asn1/a_d2i_fp.c.
    - CVE-2016-2109
  * debian/patches/min_1024_dh_size.patch: change minimum DH size from 768
    to 1024.

ubuntu/wily-security 2016-05-03 14:43:51 UTC 2016-05-03
Import patches-unapplied version 1.0.2d-0ubuntu1.5 to ubuntu/wily-security

Author: Marc Deslauriers
Author Date: 2016-04-28 14:00:31 UTC

Import patches-unapplied version 1.0.2d-0ubuntu1.5 to ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: 13936c8cec843cb8e3f4b7a71c6083e788b23992

New changelog entries:
  * SECURITY UPDATE: EVP_EncodeUpdate overflow
    - debian/patches/CVE-2016-2105.patch: properly check lengths in
      crypto/evp/encode.c, add documentation to
      doc/crypto/EVP_EncodeInit.pod, doc/crypto/evp.pod.
    - CVE-2016-2105
  * SECURITY UPDATE: EVP_EncryptUpdate overflow
    - debian/patches/CVE-2016-2106.patch: fix overflow in
      crypto/evp/evp_enc.c.
    - CVE-2016-2106
  * SECURITY UPDATE: Padding oracle in AES-NI CBC MAC check
    - debian/patches/CVE-2016-2107.patch: check that there are enough
      padding characters in crypto/evp/e_aes_cbc_hmac_sha1.c,
      crypto/evp/e_aes_cbc_hmac_sha256.c.
    - CVE-2016-2107
  * SECURITY UPDATE: Memory corruption in the ASN.1 encoder
    - debian/patches/CVE-2016-2108.patch: fix ASN1_INTEGER handling in
      crypto/asn1/a_type.c, crypto/asn1/asn1.h, crypto/asn1/tasn_dec.c,
      crypto/asn1/tasn_enc.c.
    - CVE-2016-2108
  * SECURITY UPDATE: ASN.1 BIO excessive memory allocation
    - debian/patches/CVE-2016-2109.patch: properly handle large amounts of
      data in crypto/asn1/a_d2i_fp.c.
    - CVE-2016-2109
  * debian/patches/min_1024_dh_size.patch: change minimum DH size from 768
    to 1024.

applied/ubuntu/wily-security 2016-05-03 14:43:51 UTC 2016-05-03
Import patches-applied version 1.0.2d-0ubuntu1.5 to applied/ubuntu/wily-security

Author: Marc Deslauriers
Author Date: 2016-04-28 14:00:31 UTC

Import patches-applied version 1.0.2d-0ubuntu1.5 to applied/ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: 8aaa181725e121c72f35b02f76e8d304454bc867
Unapplied parent: 37ad5bf7b61ff26171be3b29a673c6b3a54d2f8b

New changelog entries:
  * SECURITY UPDATE: EVP_EncodeUpdate overflow
    - debian/patches/CVE-2016-2105.patch: properly check lengths in
      crypto/evp/encode.c, add documentation to
      doc/crypto/EVP_EncodeInit.pod, doc/crypto/evp.pod.
    - CVE-2016-2105
  * SECURITY UPDATE: EVP_EncryptUpdate overflow
    - debian/patches/CVE-2016-2106.patch: fix overflow in
      crypto/evp/evp_enc.c.
    - CVE-2016-2106
  * SECURITY UPDATE: Padding oracle in AES-NI CBC MAC check
    - debian/patches/CVE-2016-2107.patch: check that there are enough
      padding characters in crypto/evp/e_aes_cbc_hmac_sha1.c,
      crypto/evp/e_aes_cbc_hmac_sha256.c.
    - CVE-2016-2107
  * SECURITY UPDATE: Memory corruption in the ASN.1 encoder
    - debian/patches/CVE-2016-2108.patch: fix ASN1_INTEGER handling in
      crypto/asn1/a_type.c, crypto/asn1/asn1.h, crypto/asn1/tasn_dec.c,
      crypto/asn1/tasn_enc.c.
    - CVE-2016-2108
  * SECURITY UPDATE: ASN.1 BIO excessive memory allocation
    - debian/patches/CVE-2016-2109.patch: properly handle large amounts of
      data in crypto/asn1/a_d2i_fp.c.
    - CVE-2016-2109
  * debian/patches/min_1024_dh_size.patch: change minimum DH size from 768
    to 1024.

ubuntu/wily-devel 2016-05-03 14:43:51 UTC 2016-05-03
Import patches-unapplied version 1.0.2d-0ubuntu1.5 to ubuntu/wily-security

Author: Marc Deslauriers
Author Date: 2016-04-28 14:00:31 UTC

Import patches-unapplied version 1.0.2d-0ubuntu1.5 to ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: 13936c8cec843cb8e3f4b7a71c6083e788b23992

New changelog entries:
  * SECURITY UPDATE: EVP_EncodeUpdate overflow
    - debian/patches/CVE-2016-2105.patch: properly check lengths in
      crypto/evp/encode.c, add documentation to
      doc/crypto/EVP_EncodeInit.pod, doc/crypto/evp.pod.
    - CVE-2016-2105
  * SECURITY UPDATE: EVP_EncryptUpdate overflow
    - debian/patches/CVE-2016-2106.patch: fix overflow in
      crypto/evp/evp_enc.c.
    - CVE-2016-2106
  * SECURITY UPDATE: Padding oracle in AES-NI CBC MAC check
    - debian/patches/CVE-2016-2107.patch: check that there are enough
      padding characters in crypto/evp/e_aes_cbc_hmac_sha1.c,
      crypto/evp/e_aes_cbc_hmac_sha256.c.
    - CVE-2016-2107
  * SECURITY UPDATE: Memory corruption in the ASN.1 encoder
    - debian/patches/CVE-2016-2108.patch: fix ASN1_INTEGER handling in
      crypto/asn1/a_type.c, crypto/asn1/asn1.h, crypto/asn1/tasn_dec.c,
      crypto/asn1/tasn_enc.c.
    - CVE-2016-2108
  * SECURITY UPDATE: ASN.1 BIO excessive memory allocation
    - debian/patches/CVE-2016-2109.patch: properly handle large amounts of
      data in crypto/asn1/a_d2i_fp.c.
    - CVE-2016-2109
  * debian/patches/min_1024_dh_size.patch: change minimum DH size from 768
    to 1024.

ubuntu/wily-updates 2016-05-03 14:43:51 UTC 2016-05-03
Import patches-unapplied version 1.0.2d-0ubuntu1.5 to ubuntu/wily-security

Author: Marc Deslauriers
Author Date: 2016-04-28 14:00:31 UTC

Import patches-unapplied version 1.0.2d-0ubuntu1.5 to ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: 13936c8cec843cb8e3f4b7a71c6083e788b23992

New changelog entries:
  * SECURITY UPDATE: EVP_EncodeUpdate overflow
    - debian/patches/CVE-2016-2105.patch: properly check lengths in
      crypto/evp/encode.c, add documentation to
      doc/crypto/EVP_EncodeInit.pod, doc/crypto/evp.pod.
    - CVE-2016-2105
  * SECURITY UPDATE: EVP_EncryptUpdate overflow
    - debian/patches/CVE-2016-2106.patch: fix overflow in
      crypto/evp/evp_enc.c.
    - CVE-2016-2106
  * SECURITY UPDATE: Padding oracle in AES-NI CBC MAC check
    - debian/patches/CVE-2016-2107.patch: check that there are enough
      padding characters in crypto/evp/e_aes_cbc_hmac_sha1.c,
      crypto/evp/e_aes_cbc_hmac_sha256.c.
    - CVE-2016-2107
  * SECURITY UPDATE: Memory corruption in the ASN.1 encoder
    - debian/patches/CVE-2016-2108.patch: fix ASN1_INTEGER handling in
      crypto/asn1/a_type.c, crypto/asn1/asn1.h, crypto/asn1/tasn_dec.c,
      crypto/asn1/tasn_enc.c.
    - CVE-2016-2108
  * SECURITY UPDATE: ASN.1 BIO excessive memory allocation
    - debian/patches/CVE-2016-2109.patch: properly handle large amounts of
      data in crypto/asn1/a_d2i_fp.c.
    - CVE-2016-2109
  * debian/patches/min_1024_dh_size.patch: change minimum DH size from 768
    to 1024.

ubuntu/xenial 2016-04-15 05:14:33 UTC 2016-04-15
Import patches-unapplied version 1.0.2g-1ubuntu4 to ubuntu/xenial-proposed

Author: Joy Latten
Author Date: 2016-04-15 04:58:01 UTC

Import patches-unapplied version 1.0.2g-1ubuntu4 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 9b2692b08da4c3020f767d2b1aba1ba2253486b0

New changelog entries:
  * Rename Fedora-imported FIPS patches to the names they have in Fedora, add
    correct "Origin:" tags, and move Ubuntu modifications in them into
    openssl-1.0.2g-ubuntu-fips-cleanup.patch.

applied/ubuntu/xenial 2016-04-15 05:14:33 UTC 2016-04-15
Import patches-applied version 1.0.2g-1ubuntu4 to applied/ubuntu/xenial-proposed

Author: Joy Latten
Author Date: 2016-04-15 04:58:01 UTC

Import patches-applied version 1.0.2g-1ubuntu4 to applied/ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 67d8ff1d055769bd9460568c7ee3b9986ad5685f
Unapplied parent: efaa79f33776a37ef45e1d4b840a7a1f40ac393c

New changelog entries:
  * Rename Fedora-imported FIPS patches to the names they have in Fedora, add
    correct "Origin:" tags, and move Ubuntu modifications in them into
    openssl-1.0.2g-ubuntu-fips-cleanup.patch.

debian/wheezy 2016-04-02 23:40:02 UTC 2016-04-02
Import patches-unapplied version 1.0.1e-2+deb7u20 to debian/wheezy

Author: Kurt Roeckx
Author Date: 2016-02-28 22:36:32 UTC

Import patches-unapplied version 1.0.1e-2+deb7u20 to debian/wheezy

Imported using git-ubuntu import.

Changelog parent: ac669d9052051f16d6a3c3b95af0014fdacef43a

New changelog entries:
  * Fix CVE-2016-0797
  * Fix CVE-2016-0798
  * Fix CVE-2016-0799
  * Fix CVE-2016-0702
  * Fix CVE-2016-0705
  * Disable EXPORT and LOW ciphers: The DROWN attack (CVE-2016-0800)
    makes use of those, and SLOTH attack (CVE-2015-7575) can make use of them
    too.
  * Non-maintainer upload by the Security Team.
  * Add CVE-2015-7575.patch patch.
    CVE-2015-7575: SLOTH: Security Losses from Obsolete and Truncated
    Transcript Hashes.
  * Fix CVE-2015-3194
  * Fix CVE-2015-3195
  * Fix CVE-2015-3196

applied/debian/wheezy 2016-04-02 23:40:02 UTC 2016-04-02
Import patches-applied version 1.0.1e-2+deb7u20 to applied/debian/wheezy

Author: Kurt Roeckx
Author Date: 2016-02-28 22:36:32 UTC

Import patches-applied version 1.0.1e-2+deb7u20 to applied/debian/wheezy

Imported using git-ubuntu import.

Changelog parent: 2a44697d06589ed68fd73d148afa033f574039be
Unapplied parent: f6ec4dd9d6867f89fa9739cf00d13c601ee2b1b0

New changelog entries:
  * Fix CVE-2016-0797
  * Fix CVE-2016-0798
  * Fix CVE-2016-0799
  * Fix CVE-2016-0702
  * Fix CVE-2016-0705
  * Disable EXPORT and LOW ciphers: The DROWN attack (CVE-2016-0800)
    makes use of those, and SLOTH attack (CVE-2015-7575) can make use of them
    too.
  * Non-maintainer upload by the Security Team.
  * Add CVE-2015-7575.patch patch.
    CVE-2015-7575: SLOTH: Security Losses from Obsolete and Truncated
    Transcript Hashes.
  * Fix CVE-2015-3194
  * Fix CVE-2015-3195
  * Fix CVE-2015-3196

applied/ubuntu/vivid-updates 2015-12-07 12:45:31 UTC 2015-12-07
Import patches-applied version 1.0.1f-1ubuntu11.5 to applied/ubuntu/vivid-sec...

Author: Marc Deslauriers
Author Date: 2015-12-04 12:54:50 UTC

Import patches-applied version 1.0.1f-1ubuntu11.5 to applied/ubuntu/vivid-security

Imported using git-ubuntu import.

Changelog parent: 91a82ddb08ca7f5909b873b82b0b05e191bd32e4
Unapplied parent: 38489cd73c16e662497730683712e4b13fddec77

New changelog entries:
  * SECURITY UPDATE: Certificate verify crash with missing PSS parameter
    - debian/patches/CVE-2015-3194.patch: add PSS parameter check to
      crypto/rsa/rsa_ameth.c.
    - CVE-2015-3194
  * SECURITY UPDATE: X509_ATTRIBUTE memory leak
    - debian/patches/CVE-2015-3195.patch: fix leak in
      crypto/asn1/tasn_dec.c.
    - CVE-2015-3195
  * SECURITY UPDATE: Race condition handling PSK identify hint
    - debian/patches/CVE-2015-3196.patch: fix PSK handling in
      ssl/s3_clnt.c, ssl/s3_srvr.c.
    - CVE-2015-3196

ubuntu/vivid-devel 2015-12-07 12:45:31 UTC 2015-12-07
Import patches-unapplied version 1.0.1f-1ubuntu11.5 to ubuntu/vivid-security

Author: Marc Deslauriers
Author Date: 2015-12-04 12:54:50 UTC

Import patches-unapplied version 1.0.1f-1ubuntu11.5 to ubuntu/vivid-security

Imported using git-ubuntu import.

Changelog parent: 1caec016b851b4dab8da531e929cd952879c5c21

New changelog entries:
  * SECURITY UPDATE: Certificate verify crash with missing PSS parameter
    - debian/patches/CVE-2015-3194.patch: add PSS parameter check to
      crypto/rsa/rsa_ameth.c.
    - CVE-2015-3194
  * SECURITY UPDATE: X509_ATTRIBUTE memory leak
    - debian/patches/CVE-2015-3195.patch: fix leak in
      crypto/asn1/tasn_dec.c.
    - CVE-2015-3195
  * SECURITY UPDATE: Race condition handling PSK identify hint
    - debian/patches/CVE-2015-3196.patch: fix PSK handling in
      ssl/s3_clnt.c, ssl/s3_srvr.c.
    - CVE-2015-3196

applied/ubuntu/vivid-security 2015-12-07 12:45:31 UTC 2015-12-07
Import patches-applied version 1.0.1f-1ubuntu11.5 to applied/ubuntu/vivid-sec...

Author: Marc Deslauriers
Author Date: 2015-12-04 12:54:50 UTC

Import patches-applied version 1.0.1f-1ubuntu11.5 to applied/ubuntu/vivid-security

Imported using git-ubuntu import.

Changelog parent: 91a82ddb08ca7f5909b873b82b0b05e191bd32e4
Unapplied parent: 38489cd73c16e662497730683712e4b13fddec77

New changelog entries:
  * SECURITY UPDATE: Certificate verify crash with missing PSS parameter
    - debian/patches/CVE-2015-3194.patch: add PSS parameter check to
      crypto/rsa/rsa_ameth.c.
    - CVE-2015-3194
  * SECURITY UPDATE: X509_ATTRIBUTE memory leak
    - debian/patches/CVE-2015-3195.patch: fix leak in
      crypto/asn1/tasn_dec.c.
    - CVE-2015-3195
  * SECURITY UPDATE: Race condition handling PSK identify hint
    - debian/patches/CVE-2015-3196.patch: fix PSK handling in
      ssl/s3_clnt.c, ssl/s3_srvr.c.
    - CVE-2015-3196

ubuntu/vivid-updates 2015-12-07 12:45:31 UTC 2015-12-07
Import patches-unapplied version 1.0.1f-1ubuntu11.5 to ubuntu/vivid-security

Author: Marc Deslauriers
Author Date: 2015-12-04 12:54:50 UTC

Import patches-unapplied version 1.0.1f-1ubuntu11.5 to ubuntu/vivid-security

Imported using git-ubuntu import.

Changelog parent: 1caec016b851b4dab8da531e929cd952879c5c21

New changelog entries:
  * SECURITY UPDATE: Certificate verify crash with missing PSS parameter
    - debian/patches/CVE-2015-3194.patch: add PSS parameter check to
      crypto/rsa/rsa_ameth.c.
    - CVE-2015-3194
  * SECURITY UPDATE: X509_ATTRIBUTE memory leak
    - debian/patches/CVE-2015-3195.patch: fix leak in
      crypto/asn1/tasn_dec.c.
    - CVE-2015-3195
  * SECURITY UPDATE: Race condition handling PSK identify hint
    - debian/patches/CVE-2015-3196.patch: fix PSK handling in
      ssl/s3_clnt.c, ssl/s3_srvr.c.
    - CVE-2015-3196

1100 of 286 results

Other repositories

Name Last Modified
lp:ubuntu/+source/openssl 2018-10-31
11 of 1 result
You can't create new repositories for openssl in Ubuntu.