Format: 1.8
Date: Fri, 01 Mar 2024 14:01:22 -0800
Source: openssl
Binary: openssl libssl1.1 libcrypto1.1-udeb libssl1.1-udeb libssl-dev libssl-doc
Architecture: source
Version: 1.1.1w-0ubuntu1~16.04.sav2
Distribution: xenial
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Changed-By: Rob Savoury <savoury@savos.tech>
Description:
 libcrypto1.1-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl-doc - Secure Sockets Layer toolkit - development documentation
 libssl1.1  - Secure Sockets Layer toolkit - shared libraries
 libssl1.1-udeb - ssl shared library - udeb (udeb)
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
Launchpad-Bugs-Fixed: 2054090
Changes:
 openssl (1.1.1w-0ubuntu1~16.04.sav2) xenial; urgency=medium
 .
   * SECURITY UPDATE: Implicit rejection for RSA PKCS#1 (LP: #2054090)
     - debian/patches/openssl-1.1.1-pkcs1-implicit-rejection.patch:
       Return deterministic random output instead of an error in case
       there is a padding error in crypto/cms/cms_env.c,
       crypto/pkcs7/pk7_doit.c, crypto/rsa/rsa_local.h,
       crypto/rsa/rsa_ossl.c, crypto/rsa/rsa_pk1.c, crypto/rsa/rsa_pmeth.c,
       doc/man1/pkeyutl.pod, doc/man1/rsautl.pod,
       doc/man3/EVP_PKEY_CTX_ctrl.pod, doc/man3/EVP_PKEY_decrypt.pod,
       doc/man3/RSA_padding_add_PKCS1_type_1.pod,
       doc/man3/RSA_public_encrypt.pod, include/openssl/rsa.h and
       test/recipes/30-test_evp_data/evppkey.txt.
   [ patch: David Fernandez Gonzalez <david.fernandezgonzalez@canonical.com> ]
Checksums-Sha1:
 dabf8936c28255fa1c23fffa483b4c0a7c58bc67 2781 openssl_1.1.1w-0ubuntu1~16.04.sav2.dsc
 f43f071b07b37034ee0d0b347a4d5f5ada0ce2ec 170716 openssl_1.1.1w-0ubuntu1~16.04.sav2.debian.tar.xz
Checksums-Sha256:
 8b0b3331481cacd9696fa4335632909e410619f3ef1e1bc52710341b9dfae32d 2781 openssl_1.1.1w-0ubuntu1~16.04.sav2.dsc
 7ddc83eb488c9f380b89ed982d15df60a43c9748ec81643d34b1f3183c4cccd7 170716 openssl_1.1.1w-0ubuntu1~16.04.sav2.debian.tar.xz
Files:
 a7255b199a19921e9e7ede1b802e4496 2781 utils optional openssl_1.1.1w-0ubuntu1~16.04.sav2.dsc
 54314aa121813f75c6822fa9c44ceab0 170716 utils optional openssl_1.1.1w-0ubuntu1~16.04.sav2.debian.tar.xz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>