Format: 1.8
Date: Wed, 02 Dec 2020 09:52:44 -0500
Source: openssl
Binary: libcrypto1.1-udeb libssl-dev libssl1.1 libssl1.1-udeb openssl
Architecture: i386 i386_translations
Version: 1.1.1f-1ubuntu2.1
Distribution: focal
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lgw01-amd64-027.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 libcrypto1.1-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl1.1  - Secure Sockets Layer toolkit - shared libraries
 libssl1.1-udeb - ssl shared library - udeb (udeb)
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
Changes:
 openssl (1.1.1f-1ubuntu2.1) focal-security; urgency=medium
 .
   * SECURITY UPDATE: EDIPARTYNAME NULL pointer de-ref
     - debian/patches/CVE-2020-1971-1.patch: use explicit tagging for
       DirectoryString in crypto/x509v3/v3_genn.c.
     - debian/patches/CVE-2020-1971-2.patch: correctly compare EdiPartyName
       in crypto/x509v3/v3_genn.c.
     - debian/patches/CVE-2020-1971-3.patch: check that multi-strings/CHOICE
       types don't use implicit tagging in crypto/asn1/asn1_err.c,
       crypto/asn1/tasn_dec.c, crypto/err/openssl.txt,
       include/openssl/asn1err.h.
     - debian/patches/CVE-2020-1971-4.patch: complain if we are attempting
       to encode with an invalid ASN.1 template in crypto/asn1/asn1_err.c,
       crypto/asn1/tasn_enc.c, crypto/err/openssl.txt,
       include/openssl/asn1err.h.
     - debian/patches/CVE-2020-1971-5.patch: add a test for GENERAL_NAME_cmp
       in test/v3nametest.c.
     - debian/patches/CVE-2020-1971-6.patch: add a test for
       encoding/decoding using an invalid ASN.1 Template in
       test/asn1_decode_test.c, test/asn1_encode_test.c.
     - CVE-2020-1971
Checksums-Sha1:
 45082f400746280ccf925a416e5cd3fd9f641729 1069700 libcrypto1.1-udeb_1.1.1f-1ubuntu2.1_i386.udeb
 3942d5d2225190db17ae5b0bcd194d495659a303 1612408 libssl-dev_1.1.1f-1ubuntu2.1_i386.deb
 57ac82dafe17ac2646bcfed43ce5fbccb8c859fd 2375832 libssl1.1-dbgsym_1.1.1f-1ubuntu2.1_i386.ddeb
 8c691cf5dd1de4fae79e67d20bc9c787e6435169 206800 libssl1.1-udeb_1.1.1f-1ubuntu2.1_i386.udeb
 daa1afb89c41c40d94e0176d56e76c0160b2d462 1317224 libssl1.1_1.1.1f-1ubuntu2.1_i386.deb
 d25009c75984b2c6ed66e2abcd679757a4de5c59 492384 openssl-dbgsym_1.1.1f-1ubuntu2.1_i386.ddeb
 6d30cc066fafa833ff73e84ba800363c8f498f07 7164 openssl_1.1.1f-1ubuntu2.1_i386.buildinfo
 67b786299d0118d4e5ad64dd7e5fe05313f34699 629840 openssl_1.1.1f-1ubuntu2.1_i386.deb
 f852666aa1d9f4f4fcbe117cb0b9569d48972e75 27650 openssl_1.1.1f-1ubuntu2.1_i386_translations.tar.gz
Checksums-Sha256:
 c3ea8ce0728285901c08bc6bb0d3a5ffd845d72f31b93c16072e1e1728db6e03 1069700 libcrypto1.1-udeb_1.1.1f-1ubuntu2.1_i386.udeb
 2f0c531f56ddd7f3be76ec13135cb6a81a26022849ddcb69d9ddcc9758e8f5aa 1612408 libssl-dev_1.1.1f-1ubuntu2.1_i386.deb
 0fcc61d393ded263a7cd305976b4855e77bd07e921e84e3b6de1d7c25f62fce6 2375832 libssl1.1-dbgsym_1.1.1f-1ubuntu2.1_i386.ddeb
 be606c2251fd21f3716377228d55e591e9813584bb75c2658fc99d5d2f1bbbb0 206800 libssl1.1-udeb_1.1.1f-1ubuntu2.1_i386.udeb
 08b6417f3b4f65a2973846a2e39183130c20c8e1bf3e6f097a72492bfe67ceb2 1317224 libssl1.1_1.1.1f-1ubuntu2.1_i386.deb
 7c63ff1be12d76031d55405bfe1889a0886091851de5f7f193f2cd8454ec2360 492384 openssl-dbgsym_1.1.1f-1ubuntu2.1_i386.ddeb
 b56e3869fe544b869afb64e00703fab2ecd6687655c923ddd7de50dc21e39b89 7164 openssl_1.1.1f-1ubuntu2.1_i386.buildinfo
 e8c3bf4ce55a9bcccf2674641824eccb41ea6c3bd0d589623a7d69694409eea4 629840 openssl_1.1.1f-1ubuntu2.1_i386.deb
 a5e9267c931fda2a6f65895bbe5634202965b6f107a711ae747f753391321429 27650 openssl_1.1.1f-1ubuntu2.1_i386_translations.tar.gz
Files:
 2593cde1284a857506ef48952fddc001 1069700 debian-installer optional libcrypto1.1-udeb_1.1.1f-1ubuntu2.1_i386.udeb
 8da7554b9c8882e73d8669f6f0cb670b 1612408 libdevel optional libssl-dev_1.1.1f-1ubuntu2.1_i386.deb
 1fdcfd8f7515133a2336c8f1b4854174 2375832 debug optional libssl1.1-dbgsym_1.1.1f-1ubuntu2.1_i386.ddeb
 0711d6c4ba6eab4e3cc276630a124d63 206800 debian-installer optional libssl1.1-udeb_1.1.1f-1ubuntu2.1_i386.udeb
 f1d714abd0c754aba181761c7d2044ff 1317224 libs optional libssl1.1_1.1.1f-1ubuntu2.1_i386.deb
 586aff1fb67d473d53b3795bdca02c91 492384 debug optional openssl-dbgsym_1.1.1f-1ubuntu2.1_i386.ddeb
 7dcdbf90f561db41e23a0be49248e442 7164 utils optional openssl_1.1.1f-1ubuntu2.1_i386.buildinfo
 bad19834ba6678e4b791f273ea9035b6 629840 utils optional openssl_1.1.1f-1ubuntu2.1_i386.deb
 372b3b9e5df05a453604af0458fd1c0c 27650 raw-translations - openssl_1.1.1f-1ubuntu2.1_i386_translations.tar.gz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>