Upstream bug in openssl 0.9.8e

A user has contacted us regarding a problem with the openssl 0.9.8e release, after investigating issues reported by EncFS users. The problem relates to Blowfish encryption, and the symptom is a failure to decrypt volumes created under previous openssl versions. Full details are in the following mailing list threads/posts:

This issue is not included in openssl's known issues list, but it has been patched in their CVS repository. I have built openssl 0.9.8e-3 to include that patch, as per the mails above, and will put it in the testing repo until we are sure there are no unexpected issues with it.

I also have the previous 0.9.8d package, if any user wishes to downgrade temporarily for rescue purposes. That is available here:

My thanks to Valient Gough and David Rosenstrauch for their assistance with this issue.