openssl-blacklist (0.5-3) unstable; urgency=low * openssl-vulnkey: adjust for new openssl 1.0.0 output (Closes: #628332) * fix test suite when run as root. Patch from Moritz Muehlenhoff. (Closes: #612461) * convert to dh_python2. Patch from Colin Watson (Closes: #616927) * make lintian -Ivi clean - debian/control: update Standards-Version to 3.9.2 - debian/control: add ${misc:Depends} to binaries - debian/control: make Description more verbose - debian/copyright: convert to DEP-5 - openssl-vulnkey.1: fix some hyphens as minuses - add debian/source/format - add comments only debian/watch file -- Jamie Strandboge Wed, 22 Jun 2011 11:14:53 -0500 openssl-blacklist (0.5-2) unstable; urgency=low * test.sh: fix executable state of openssl-vulnkey (Closes: #525042). -- Kees Cook Wed, 06 May 2009 12:12:09 -0700 openssl-blacklist (0.5-1) unstable; urgency=low [ Kees Cook ] * openssl-vulnkey: - replace sha with hashlib Python module to silence Python 2.6 warnings. - adjust skip/error handling, reporting more details (Closes: #498326). - pull version when building instead of being hard-coded. * debian/rules: use an orig.tar.gz since the blacklist files themselves are static, to save space in the archive. * test.sh: added mixed good/bad testing. [ Jamie Strandboge ] * update openssl-vulnkey to use GPL version 3 as specified in debian/copyright. * test.sh: add non-existent file and permission denied tests, as well as small cleanups * openssl-vulnkey: - exit with status '2' when errors are encountered (ie leave '1' for when a bad modulus is found) - be consistent with error reporting -- Kees Cook Wed, 08 Apr 2009 11:49:49 -0700 openssl-blacklist (0.4.2) unstable; urgency=low * Add openssl to the Build-Deps, since it is required for the tests. -- Kees Cook Tue, 17 Jun 2008 15:27:38 -0700 openssl-blacklist (0.4.1) unstable; urgency=low [ Jamie Strandboge ] * add RSA-4096 blacklist for le64 * install RSA-4096 blacklist * don't send STDERR to STDOUT as this may interfere with obtaining the modulus with long bits [ Kees Cook ] * debian/rules: - add new examples (using wildcards) - include run of internal tests during build * debian/control: bump to standards version 3.8.0 (no changes needed) -- Kees Cook Mon, 16 Jun 2008 11:48:09 -0700 openssl-blacklist (0.4) unstable; urgency=low * allow checking of certificate requests * only check moduli with an exponent of 65537 (the default on Debian/Ubuntu) * update gen_certs.sh for when ~/.rnd does not exist when openssl is run which can happen with openssl 0.9.8g and higher * update gen_certs.sh to use '0' (in case of PID randomization) * added more examples * only prompt once for password (Closes: #483500) * properly cache database reads when bits are same * added '-m' and '-b' arguments. This is helpful for applications calling openssl-vulnkey when the modulus and bits are known, such as openvpn. * man page updates * added test.sh * added blacklists for when ~/.rnd does not exist when openssl is run (LP: #232104) * added 512 bit and partial 4096 blacklists (need le64) (LP: #231014) * reorganized source databases, and ship the new gen_certs.sh format * debian/rules: updated to use new blacklist format and organization * create openssl-blacklist-extra package (but don't ship 4096 yet) -- Jamie Strandboge Tue, 10 Jun 2008 09:09:48 -0400 openssl-blacklist (0.3.2) unstable; urgency=low * debian/{rules,dirs,openssl-blacklist.install}: move openssl-vulnkey to /usr/bin (Closes: #482435). * examples/gen_certs.sh: - test for fixed libssl versions (Closes: #483310). - correctly skip pre-existing PEM files, thanks to Michel Meyers (Closes: #483542). - skip invalid pid 32768. * openssl-vulnkey: allow reading from stding, based on patch from Daniel Kahn Gillmor (Closes: #482427). * debian/control: swap maintainer so Ubuntu syncs do not get confused. -- Kees Cook Thu, 29 May 2008 15:19:16 -0700 openssl-blacklist (0.3.1) unstable; urgency=low * openssl-vulnkey: fix typo in manpage. * debian/control: add Vcs details, adjust uploaders line. * debian/rules: switch to using dh_installexamples. -- Kees Cook Wed, 28 May 2008 13:25:46 -0700 openssl-blacklist (0.3) unstable; urgency=low * Initial Debian release (keeping changelog for clarity), Closes: #482047. -- Kees Cook Wed, 21 May 2008 03:58:17 -0700 openssl-blacklist (0.2) intrepid; urgency=low * update openssl-vulnkey to also check x509 certificates, with corresponding manpage update * support 512, 4096 and 8192 databases * don't exit if can't open the database (this way databases can optionally be added * publish complete RSA-1024 and RSA-2048 blacklist for all available architectures on Ubuntu * fix manpage typos * debian/control: use net/optional * use python-central and follow DebianPython/NewPolicy * added get_certs.sh and getpid.c -- Jamie Strandboge Fri, 16 May 2008 08:32:13 -0400 openssl-blacklist (0.1-0ubuntu0.8.04.2) hardy-security; urgency=low * openssl-vulnkey: - Don't exit if the key cannot be parsed. - Don't fail if stderr is not available. (LP: #230193) -- Mathias Gug Wed, 14 May 2008 14:24:07 +0200 openssl-blacklist (0.1-0ubuntu0.8.04.1) hardy-security; urgency=low * no change rebuild for -security -- Jamie Strandboge Tue, 13 May 2008 04:02:50 -0400 openssl-blacklist (0.1) unstable; urgency=low * Initial release. -- Jamie Strandboge Fri, 12 May 2008 15:44:32 -0400