Change log for openssl package in Ubuntu

175 of 248 results
Published in wily-release on 2015-06-15
Deleted in wily-proposed (Reason: moved to release)
openssl (1.0.2c-1ubuntu1) wily; urgency=medium

  * Merge with Debian, remaining changes.
    - debian/libssl1.0.0.postinst:
      + Display a system restart required notification on libssl1.0.0
        upgrade on servers.
      + Use a different priority for libssl1.0.0/restart-services depending
        on whether a desktop, or server dist-upgrade is being performed.
    - debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
      libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
      in Debian).
    - debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
      rules}: Move runtime libraries to /lib, for the benefit of
      wpasupplicant.
    - debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
      .pc.
    - debian/rules:
      + Don't run 'make test' when cross-building.
      + Use host compiler when cross-building.  Patch from Neil Williams.
      + Don't build for processors no longer supported: i586 (on i386)
      + Fix Makefile to properly clean up libs/ dirs in clean target.
      + Replace duplicate files in the doc directory with symlinks.
    - debian/control: Mark Debian Vcs-* as XS-Debian-Vcs-*
    - debian/rules: Enable optimized 64bit elliptic curve code contributed
      by Google.

Available diffs

Published in trusty-updates on 2015-06-11
Published in trusty-security on 2015-06-11
openssl (1.0.1f-1ubuntu2.15) trusty-security; urgency=medium

  * SECURITY IMPROVEMENT: reject dh keys smaller than 768 bits
    - debian/patches/reject_small_dh.patch: reject small dh keys in
      ssl/s3_clnt.c, ssl/ssl.h, ssl/ssl_err.c, update documentation in
      doc/ssl/SSL_CTX_set_tmp_dh_callback.pod, make s_server use 2048-bit
      dh in apps/s_server.c, clarify docs in doc/apps/dhparam.pod.
  * SECURITY UPDATE: denial of service and possible code execution via
    invalid free in DTLS
    - debian/patches/CVE-2014-8176.patch: fix invalid free in ssl/d1_lib.c.
    - CVE-2014-8176
  * SECURITY UPDATE: denial of service via malformed ECParameters
    - debian/patches/CVE-2015-1788.patch: improve logic in
      crypto/bn/bn_gf2m.c.
    - CVE-2015-1788
  * SECURITY UPDATE: denial of service via out-of-bounds read in
    X509_cmp_time
    - debian/patches/CVE-2015-1789.patch: properly parse time format in
      crypto/x509/x509_vfy.c.
    - CVE-2015-1789
  * SECURITY UPDATE: denial of service via missing EnvelopedContent
    - debian/patches/CVE-2015-1790.patch: handle NULL data_body in
      crypto/pkcs7/pk7_doit.c.
    - CVE-2015-1790
  * SECURITY UPDATE: race condition in NewSessionTicket
    - debian/patches/CVE-2015-1791.patch: create a new session in
      ssl/s3_clnt.c, ssl/ssl.h, ssl/ssl_err.c, ssl/ssl_locl.h,
      ssl/ssl_sess.c.
    - debian/patches/CVE-2015-1791-2.patch: fix kerberos issue in
      ssl/ssl_sess.c.
    - debian/patches/CVE-2015-1791-3.patch: more ssl_session_dup fixes in
      ssl/ssl_sess.c.
    - CVE-2015-1791
  * SECURITY UPDATE: CMS verify infinite loop with unknown hash function
    - debian/patches/CVE-2015-1792.patch: fix infinite loop in
      crypto/cms/cms_smime.c.
    - CVE-2015-1792

 -- Marc Deslauriers <email address hidden>  Thu, 11 Jun 2015 07:34:23 -0400
Published in precise-updates on 2015-06-11
Published in precise-security on 2015-06-11
openssl (1.0.1-4ubuntu5.31) precise-security; urgency=medium

  * SECURITY IMPROVEMENT: reject dh keys smaller than 768 bits
    - debian/patches/reject_small_dh.patch: reject small dh keys in
      ssl/s3_clnt.c, ssl/ssl.h, ssl/ssl_err.c, update documentation in
      doc/ssl/SSL_CTX_set_tmp_dh_callback.pod, make s_server use 2048-bit
      dh in apps/s_server.c, clarify docs in doc/apps/dhparam.pod,
      switch defaut dh to 2048-bit in apps/dhparam.c, apps/gendh.c.
  * SECURITY UPDATE: denial of service and possible code execution via
    invalid free in DTLS
    - debian/patches/CVE-2014-8176.patch: fix invalid free in ssl/d1_lib.c.
    - CVE-2014-8176
  * SECURITY UPDATE: denial of service via malformed ECParameters
    - debian/patches/CVE-2015-1788.patch: improve logic in
      crypto/bn/bn_gf2m.c.
    - CVE-2015-1788
  * SECURITY UPDATE: denial of service via out-of-bounds read in
    X509_cmp_time
    - debian/patches/CVE-2015-1789.patch: properly parse time format in
      crypto/x509/x509_vfy.c.
    - CVE-2015-1789
  * SECURITY UPDATE: denial of service via missing EnvelopedContent
    - debian/patches/CVE-2015-1790.patch: handle NULL data_body in
      crypto/pkcs7/pk7_doit.c.
    - CVE-2015-1790
  * SECURITY UPDATE: race condition in NewSessionTicket
    - debian/patches/CVE-2015-1791.patch: create a new session in
      ssl/s3_clnt.c, ssl/ssl.h, ssl/ssl_err.c, ssl/ssl_locl.h,
      ssl/ssl_sess.c.
    - debian/patches/CVE-2015-1791-2.patch: fix kerberos issue in
      ssl/ssl_sess.c.
    - debian/patches/CVE-2015-1791-3.patch: more ssl_session_dup fixes in
      ssl/ssl_sess.c.
    - CVE-2015-1791
  * SECURITY UPDATE: CMS verify infinite loop with unknown hash function
    - debian/patches/CVE-2015-1792.patch: fix infinite loop in
      crypto/cms/cms_smime.c.
    - CVE-2015-1792

 -- Marc Deslauriers <email address hidden>  Thu, 11 Jun 2015 07:35:48 -0400
Published in utopic-updates on 2015-06-11
Published in utopic-security on 2015-06-11
openssl (1.0.1f-1ubuntu9.8) utopic-security; urgency=medium

  * SECURITY IMPROVEMENT: reject dh keys smaller than 768 bits
    - debian/patches/reject_small_dh.patch: reject small dh keys in
      ssl/s3_clnt.c, ssl/ssl.h, ssl/ssl_err.c, update documentation in
      doc/ssl/SSL_CTX_set_tmp_dh_callback.pod, make s_server use 2048-bit
      dh in apps/s_server.c, clarify docs in doc/apps/dhparam.pod.
  * SECURITY UPDATE: denial of service and possible code execution via
    invalid free in DTLS
    - debian/patches/CVE-2014-8176.patch: fix invalid free in ssl/d1_lib.c.
    - CVE-2014-8176
  * SECURITY UPDATE: denial of service via malformed ECParameters
    - debian/patches/CVE-2015-1788.patch: improve logic in
      crypto/bn/bn_gf2m.c.
    - CVE-2015-1788
  * SECURITY UPDATE: denial of service via out-of-bounds read in
    X509_cmp_time
    - debian/patches/CVE-2015-1789.patch: properly parse time format in
      crypto/x509/x509_vfy.c.
    - CVE-2015-1789
  * SECURITY UPDATE: denial of service via missing EnvelopedContent
    - debian/patches/CVE-2015-1790.patch: handle NULL data_body in
      crypto/pkcs7/pk7_doit.c.
    - CVE-2015-1790
  * SECURITY UPDATE: race condition in NewSessionTicket
    - debian/patches/CVE-2015-1791.patch: create a new session in
      ssl/s3_clnt.c, ssl/ssl.h, ssl/ssl_err.c, ssl/ssl_locl.h,
      ssl/ssl_sess.c.
    - debian/patches/CVE-2015-1791-2.patch: fix kerberos issue in
      ssl/ssl_sess.c.
    - debian/patches/CVE-2015-1791-3.patch: more ssl_session_dup fixes in
      ssl/ssl_sess.c.
    - CVE-2015-1791
  * SECURITY UPDATE: CMS verify infinite loop with unknown hash function
    - debian/patches/CVE-2015-1792.patch: fix infinite loop in
      crypto/cms/cms_smime.c.
    - CVE-2015-1792

 -- Marc Deslauriers <email address hidden>  Thu, 11 Jun 2015 07:12:10 -0400
Published in vivid-updates on 2015-06-11
Published in vivid-security on 2015-06-11
openssl (1.0.1f-1ubuntu11.4) vivid-security; urgency=medium

  * SECURITY IMPROVEMENT: reject dh keys smaller than 768 bits
    - debian/patches/reject_small_dh.patch: reject small dh keys in
      ssl/s3_clnt.c, ssl/ssl.h, ssl/ssl_err.c, update documentation in
      doc/ssl/SSL_CTX_set_tmp_dh_callback.pod, make s_server use 2048-bit
      dh in apps/s_server.c, clarify docs in doc/apps/dhparam.pod.
  * SECURITY UPDATE: denial of service and possible code execution via
    invalid free in DTLS
    - debian/patches/CVE-2014-8176.patch: fix invalid free in ssl/d1_lib.c.
    - CVE-2014-8176
  * SECURITY UPDATE: denial of service via malformed ECParameters
    - debian/patches/CVE-2015-1788.patch: improve logic in
      crypto/bn/bn_gf2m.c.
    - CVE-2015-1788
  * SECURITY UPDATE: denial of service via out-of-bounds read in
    X509_cmp_time
    - debian/patches/CVE-2015-1789.patch: properly parse time format in
      crypto/x509/x509_vfy.c.
    - CVE-2015-1789
  * SECURITY UPDATE: denial of service via missing EnvelopedContent
    - debian/patches/CVE-2015-1790.patch: handle NULL data_body in
      crypto/pkcs7/pk7_doit.c.
    - CVE-2015-1790
  * SECURITY UPDATE: race condition in NewSessionTicket
    - debian/patches/CVE-2015-1791.patch: create a new session in
      ssl/s3_clnt.c, ssl/ssl.h, ssl/ssl_err.c, ssl/ssl_locl.h,
      ssl/ssl_sess.c.
    - debian/patches/CVE-2015-1791-2.patch: fix kerberos issue in
      ssl/ssl_sess.c.
    - debian/patches/CVE-2015-1791-3.patch: more ssl_session_dup fixes in
      ssl/ssl_sess.c.
    - CVE-2015-1791
  * SECURITY UPDATE: CMS verify infinite loop with unknown hash function
    - debian/patches/CVE-2015-1792.patch: fix infinite loop in
      crypto/cms/cms_smime.c.
    - CVE-2015-1792

 -- Marc Deslauriers <email address hidden>  Thu, 11 Jun 2015 07:10:41 -0400
Superseded in precise-updates on 2015-06-11
Superseded in precise-security on 2015-06-11
openssl (1.0.1-4ubuntu5.28) precise-security; urgency=medium

  * SECURITY IMPROVEMENT: Disable EXPORT ciphers by default
    - debian/patches/disable_export_ciphers.patch: remove export ciphers
      from the DEFAULT cipher list in ssl/ssl.h, ssl/ssl_ciph.c,
      doc/apps/ciphers.pod.

 -- Marc Deslauriers <email address hidden>  Thu, 28 May 2015 08:58:31 -0400
Superseded in trusty-updates on 2015-06-11
Superseded in trusty-security on 2015-06-11
openssl (1.0.1f-1ubuntu2.12) trusty-security; urgency=medium

  * SECURITY IMPROVEMENT: Disable EXPORT ciphers by default
    - debian/patches/disable_export_ciphers.patch: remove export ciphers
      from the DEFAULT cipher list in ssl/ssl.h, ssl/ssl_ciph.c,
      doc/apps/ciphers.pod.

 -- Marc Deslauriers <email address hidden>  Thu, 28 May 2015 08:58:02 -0400
Superseded in utopic-updates on 2015-06-11
Superseded in utopic-security on 2015-06-11
openssl (1.0.1f-1ubuntu9.5) utopic-security; urgency=medium

  * SECURITY IMPROVEMENT: Disable EXPORT ciphers by default
    - debian/patches/disable_export_ciphers.patch: remove export ciphers
      from the DEFAULT cipher list in ssl/ssl.h, ssl/ssl_ciph.c,
      doc/apps/ciphers.pod.

 -- Marc Deslauriers <email address hidden>  Thu, 28 May 2015 08:57:29 -0400
Superseded in vivid-updates on 2015-06-11
Superseded in vivid-security on 2015-06-11
openssl (1.0.1f-1ubuntu11.1) vivid-security; urgency=medium

  * SECURITY IMPROVEMENT: Disable EXPORT ciphers by default
    - debian/patches/disable_export_ciphers.patch: remove export ciphers
      from the DEFAULT cipher list in ssl/ssl.h, ssl/ssl_ciph.c,
      doc/apps/ciphers.pod.

 -- Marc Deslauriers <email address hidden>  Thu, 28 May 2015 08:51:23 -0400

Available diffs

  • diff from 1.0.1-4ubuntu5.26 to 1.0.1f-1ubuntu11.1 (pending)
Superseded in wily-release on 2015-06-15
Deleted in wily-proposed on 2015-06-16 (Reason: moved to release)
openssl (1.0.2a-1ubuntu1) wily; urgency=medium

  * Merge with Debian, remaining changes.
    - debian/libssl1.0.0.postinst:
      + Display a system restart required notification on libssl1.0.0
        upgrade on servers.
      + Use a different priority for libssl1.0.0/restart-services depending
        on whether a desktop, or server dist-upgrade is being performed.
    - debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
      libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
      in Debian).
    - debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
      rules}: Move runtime libraries to /lib, for the benefit of
      wpasupplicant.
    - debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
      .pc.
    - debian/rules:
      + Don't run 'make test' when cross-building.
      + Use host compiler when cross-building.  Patch from Neil Williams.
      + Don't build for processors no longer supported: i586 (on i386)
      + Fix Makefile to properly clean up libs/ dirs in clean target.
      + Replace duplicate files in the doc directory with symlinks.
    - debian/control: Mark Debian Vcs-* as XS-Debian-Vcs-*
    - debian/rules: Enable optimized 64bit elliptic curve code contributed
      by Google.
  * Dropped patches included in new version:
    - ppc64-support.patch, CVE-2014-0076.patch, CVE-2014-0160.patch,
      CVE-2010-5298.patch, CVE-2014-0198.patch, CVE-2014-0195.patch,
      CVE-2014-0221.patch, CVE-2014-0224-1.patch, CVE-2014-0224-2.patch,
      CVE-2014-3470.patch, CVE-2014-0224-3.patch,
      CVE-2014-0224-regression.patch, CVE-2014-0224-regression2.patch,
      CVE-2014-3505.patch, CVE-2014-3506.patch, CVE-2014-3507.patch,
      CVE-2014-3508.patch, CVE-2014-3509.patch, CVE-2014-3510.patch,
      CVE-2014-3511.patch, CVE-2014-3512.patch, CVE-2014-5139.patch,
      power8-optimisations.patch, tls_fallback_scsv_support.patch,
      CVE-2014-3513.patch, CVE-2014-3567.patch, CVE-2014-3568.patch,
      CVE-2014-3569.patch, CVE-2014-3570.patch, CVE-2014-3571-1.patch,
      CVE-2014-3571-2.patch, CVE-2014-3572.patch, CVE-2014-8275.patch,
      CVE-2015-0204.patch, CVE-2015-0205.patch, CVE-2015-0206.patch,
      CVE-2015-0209.patch, CVE-2015-0286.patch, CVE-2015-0287.patch,
      CVE-2015-0288.patch, CVE-2015-0289.patch, CVE-2015-0292.patch,
      CVE-2015-0293.patch, CVE-2015-0209-2.patch, CVE-2015-0293-2.patch

Superseded in precise-updates on 2015-06-01
Superseded in precise-security on 2015-06-01
openssl (1.0.1-4ubuntu5.27) precise-security; urgency=medium

  * debian/patches/tls12_client_env.patch: Re-enable TLSv1.2 support on the
    client by default. For problematic setups, it can be disabled again by
    setting OPENSSL_NO_CLIENT_TLS1_2 in the environment during library
    initialization. (LP: #1442970)

 -- Marc Deslauriers <email address hidden>  Mon, 27 Apr 2015 13:13:18 -0400
Superseded in precise-updates on 2015-05-12
Superseded in precise-security on 2015-05-12
openssl (1.0.1-4ubuntu5.25) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service and possible memory corruption via
    malformed EC private key
    - debian/patches/CVE-2015-0209.patch: fix use after free in
      crypto/ec/ec_asn1.c.
    - debian/patches/CVE-2015-0209-2.patch: fix a failure to NULL a pointer
      freed on error in crypto/asn1/x_x509.c, crypto/ec/ec_asn1.c.
    - CVE-2015-0209
  * SECURITY UPDATE: denial of service via cert verification
    - debian/patches/CVE-2015-0286.patch: handle boolean types in
      crypto/asn1/a_type.c.
    - CVE-2015-0286
  * SECURITY UPDATE: ASN.1 structure reuse memory corruption
    - debian/patches/CVE-2015-0287.patch: free up structures in
      crypto/asn1/tasn_dec.c.
    - CVE-2015-0287
  * SECURITY UPDATE: denial of service via invalid certificate key
    - debian/patches/CVE-2015-0288.patch: check public key isn't NULL in
      crypto/x509/x509_req.c.
    - CVE-2015-0288
  * SECURITY UPDATE: denial of service and possible code execution via
    PKCS#7 parsing
    - debian/patches/CVE-2015-0289.patch: handle missing content in
      crypto/pkcs7/pk7_doit.c, crypto/pkcs7/pk7_lib.c.
    - CVE-2015-0289
  * SECURITY UPDATE: denial of service or memory corruption via base64
    decoding
    - debian/patches/CVE-2015-0292.patch: prevent underflow in
      crypto/evp/encode.c.
    - CVE-2015-0292
  * SECURITY UPDATE: denial of service via assert in SSLv2 servers
    - debian/patches/CVE-2015-0293.patch: check key lengths in
      ssl/s2_lib.c, ssl/s2_srvr.c.
    - debian/patches/CVE-2015-0293-2.patch: fix unsigned/signed warnings in
      ssl/s2_srvr.c.
    - CVE-2015-0293
 -- Marc Deslauriers <email address hidden>   Thu, 19 Mar 2015 10:03:00 -0400
Published in lucid-updates on 2015-03-19
Published in lucid-security on 2015-03-19
openssl (0.9.8k-7ubuntu8.27) lucid-security; urgency=medium

  * SECURITY UPDATE: denial of service and possible memory corruption via
    malformed EC private key
    - debian/patches/CVE-2015-0209.patch: fix use after free in
      crypto/ec/ec_asn1.c.
    - debian/patches/CVE-2015-0209-2.patch: fix a failure to NULL a pointer
      freed on error in crypto/asn1/x_x509.c, crypto/ec/ec_asn1.c.
    - CVE-2015-0209
  * SECURITY UPDATE: denial of service via cert verification
    - debian/patches/CVE-2015-0286.patch: handle boolean types in
      crypto/asn1/a_type.c.
    - CVE-2015-0286
  * SECURITY UPDATE: ASN.1 structure reuse memory corruption
    - debian/patches/CVE-2015-0287.patch: free up structures in
      crypto/asn1/tasn_dec.c.
    - CVE-2015-0287
  * SECURITY UPDATE: denial of service via invalid certificate key
    - debian/patches/CVE-2015-0288.patch: check public key isn't NULL in
      crypto/x509/x509_req.c.
    - CVE-2015-0288
  * SECURITY UPDATE: denial of service and possible code execution via
    PKCS#7 parsing
    - debian/patches/CVE-2015-0289.patch: handle missing content in
      crypto/pkcs7/pk7_doit.c, crypto/pkcs7/pk7_lib.c.
    - CVE-2015-0289
  * SECURITY UPDATE: denial of service or memory corruption via base64
    decoding
    - debian/patches/CVE-2015-0292.patch: prevent underflow in
      crypto/evp/encode.c.
    - CVE-2015-0292
  * SECURITY UPDATE: denial of service via assert in SSLv2 servers
    - debian/patches/CVE-2015-0293.patch: check key lengths in
      ssl/s2_lib.c, ssl/s2_srvr.c.
    - debian/patches/CVE-2015-0293-2.patch: fix unsigned/signed warnings in
      ssl/s2_srvr.c.
    - CVE-2015-0293
 -- Marc Deslauriers <email address hidden>   Thu, 19 Mar 2015 09:57:59 -0400
Superseded in trusty-updates on 2015-06-01
Superseded in trusty-security on 2015-06-01
openssl (1.0.1f-1ubuntu2.11) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service and possible memory corruption via
    malformed EC private key
    - debian/patches/CVE-2015-0209.patch: fix use after free in
      crypto/ec/ec_asn1.c.
    - debian/patches/CVE-2015-0209-2.patch: fix a failure to NULL a pointer
      freed on error in crypto/asn1/x_x509.c, crypto/ec/ec_asn1.c.
    - CVE-2015-0209
  * SECURITY UPDATE: denial of service via cert verification
    - debian/patches/CVE-2015-0286.patch: handle boolean types in
      crypto/asn1/a_type.c.
    - CVE-2015-0286
  * SECURITY UPDATE: ASN.1 structure reuse memory corruption
    - debian/patches/CVE-2015-0287.patch: free up structures in
      crypto/asn1/tasn_dec.c.
    - CVE-2015-0287
  * SECURITY UPDATE: denial of service via invalid certificate key
    - debian/patches/CVE-2015-0288.patch: check public key isn't NULL in
      crypto/x509/x509_req.c.
    - CVE-2015-0288
  * SECURITY UPDATE: denial of service and possible code execution via
    PKCS#7 parsing
    - debian/patches/CVE-2015-0289.patch: handle missing content in
      crypto/pkcs7/pk7_doit.c, crypto/pkcs7/pk7_lib.c.
    - CVE-2015-0289
  * SECURITY UPDATE: denial of service or memory corruption via base64
    decoding
    - debian/patches/CVE-2015-0292.patch: prevent underflow in
      crypto/evp/encode.c.
    - CVE-2015-0292
  * SECURITY UPDATE: denial of service via assert in SSLv2 servers
    - debian/patches/CVE-2015-0293.patch: check key lengths in
      ssl/s2_lib.c, ssl/s2_srvr.c.
    - debian/patches/CVE-2015-0293-2.patch: fix unsigned/signed warnings in
      ssl/s2_srvr.c.
    - CVE-2015-0293
 -- Marc Deslauriers <email address hidden>   Thu, 19 Mar 2015 10:04:30 -0400
Superseded in utopic-updates on 2015-06-01
Superseded in utopic-security on 2015-06-01
openssl (1.0.1f-1ubuntu9.4) utopic-security; urgency=medium

  * SECURITY UPDATE: denial of service and possible memory corruption via
    malformed EC private key
    - debian/patches/CVE-2015-0209.patch: fix use after free in
      crypto/ec/ec_asn1.c.
    - debian/patches/CVE-2015-0209-2.patch: fix a failure to NULL a pointer
      freed on error in crypto/asn1/x_x509.c, crypto/ec/ec_asn1.c.
    - CVE-2015-0209
  * SECURITY UPDATE: denial of service via cert verification
    - debian/patches/CVE-2015-0286.patch: handle boolean types in
      crypto/asn1/a_type.c.
    - CVE-2015-0286
  * SECURITY UPDATE: ASN.1 structure reuse memory corruption
    - debian/patches/CVE-2015-0287.patch: free up structures in
      crypto/asn1/tasn_dec.c.
    - CVE-2015-0287
  * SECURITY UPDATE: denial of service via invalid certificate key
    - debian/patches/CVE-2015-0288.patch: check public key isn't NULL in
      crypto/x509/x509_req.c.
    - CVE-2015-0288
  * SECURITY UPDATE: denial of service and possible code execution via
    PKCS#7 parsing
    - debian/patches/CVE-2015-0289.patch: handle missing content in
      crypto/pkcs7/pk7_doit.c, crypto/pkcs7/pk7_lib.c.
    - CVE-2015-0289
  * SECURITY UPDATE: denial of service or memory corruption via base64
    decoding
    - debian/patches/CVE-2015-0292.patch: prevent underflow in
      crypto/evp/encode.c.
    - CVE-2015-0292
  * SECURITY UPDATE: denial of service via assert in SSLv2 servers
    - debian/patches/CVE-2015-0293.patch: check key lengths in
      ssl/s2_lib.c, ssl/s2_srvr.c.
    - debian/patches/CVE-2015-0293-2.patch: fix unsigned/signed warnings in
      ssl/s2_srvr.c.
    - CVE-2015-0293
 -- Marc Deslauriers <email address hidden>   Thu, 19 Mar 2015 10:05:54 -0400
Superseded in wily-release on 2015-05-21
Published in vivid-release on 2015-03-19
Deleted in vivid-proposed (Reason: moved to release)
openssl (1.0.1f-1ubuntu11) vivid; urgency=medium

  * SECURITY UPDATE: denial of service and possible memory corruption via
    malformed EC private key
    - debian/patches/CVE-2015-0209.patch: fix use after free in
      crypto/ec/ec_asn1.c.
    - debian/patches/CVE-2015-0209-2.patch: fix a failure to NULL a pointer
      freed on error in crypto/asn1/x_x509.c, crypto/ec/ec_asn1.c.
    - CVE-2015-0209
  * SECURITY UPDATE: denial of service via cert verification
    - debian/patches/CVE-2015-0286.patch: handle boolean types in
      crypto/asn1/a_type.c.
    - CVE-2015-0286
  * SECURITY UPDATE: ASN.1 structure reuse memory corruption
    - debian/patches/CVE-2015-0287.patch: free up structures in
      crypto/asn1/tasn_dec.c.
    - CVE-2015-0287
  * SECURITY UPDATE: denial of service via invalid certificate key
    - debian/patches/CVE-2015-0288.patch: check public key isn't NULL in
      crypto/x509/x509_req.c.
    - CVE-2015-0288
  * SECURITY UPDATE: denial of service and possible code execution via
    PKCS#7 parsing
    - debian/patches/CVE-2015-0289.patch: handle missing content in
      crypto/pkcs7/pk7_doit.c, crypto/pkcs7/pk7_lib.c.
    - CVE-2015-0289
  * SECURITY UPDATE: denial of service or memory corruption via base64
    decoding
    - debian/patches/CVE-2015-0292.patch: prevent underflow in
      crypto/evp/encode.c.
    - CVE-2015-0292
  * SECURITY UPDATE: denial of service via assert in SSLv2 servers
    - debian/patches/CVE-2015-0293.patch: check key lengths in
      ssl/s2_lib.c, ssl/s2_srvr.c.
    - debian/patches/CVE-2015-0293-2.patch: fix unsigned/signed warnings in
      ssl/s2_srvr.c.
    - CVE-2015-0293
 -- Marc Deslauriers <email address hidden>   Thu, 19 Mar 2015 10:07:13 -0400
Superseded in precise-updates on 2015-03-19
Deleted in precise-proposed on 2015-03-21 (Reason: moved to -updates)
openssl (1.0.1-4ubuntu5.22) precise; urgency=medium

  * Fix DTLS handshake on amd64 (LP: #1425914)
    - debian/patches/lp1425914.patch: backport upstream patch that fixes
      alignment issue causing an assert in ssl/ssl_ciph.c.
 -- Marc Deslauriers <email address hidden>   Thu, 26 Feb 2015 13:05:15 -0500
Superseded in lucid-updates on 2015-03-19
Superseded in lucid-security on 2015-03-19
openssl (0.9.8k-7ubuntu8.23) lucid-security; urgency=medium

  * SECURITY UPDATE: denial of service via unexpected handshake when
    no-ssl3 build option is used (not the default)
    - debian/patches/CVE-2014-3569.patch: keep the old method for now in
      ssl/s23_srvr.c.
    - CVE-2014-3569
  * SECURITY UPDATE: bignum squaring may produce incorrect results
    - debian/patches/CVE-2014-3570.patch: fix bignum logic in
      crypto/bn/asm/mips3.s, crypto/bn/asm/x86_64-gcc.c,
      crypto/bn/bn_asm.c, added test to crypto/bn/bntest.c.
    - CVE-2014-3570
  * SECURITY UPDATE: DTLS segmentation fault in dtls1_get_record
    - debian/patches/CVE-2014-3571.patch: fix crash in ssl/d1_pkt.c,
      ssl/s3_pkt.c.
    - CVE-2014-3571
  * SECURITY UPDATE: ECDHE silently downgrades to ECDH [Client]
    - debian/patches/CVE-2014-3572.patch: don't skip server key exchange in
      ssl/s3_clnt.c.
    - CVE-2014-3572
  * SECURITY UPDATE: certificate fingerprints can be modified
    - debian/patches/CVE-2014-8275.patch: fix various fingerprint issues in
      crypto/asn1/a_bitstr.c, crypto/asn1/a_type.c, crypto/asn1/a_verify.c,
      crypto/asn1/asn1.h, crypto/asn1/asn1_err.c, crypto/asn1/x_algor.c,
      crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, crypto/x509/x509.h,
      crypto/x509/x_all.c, util/libeay.num.
    - CVE-2014-8275
  * SECURITY UPDATE: RSA silently downgrades to EXPORT_RSA [Client]
    - debian/patches/CVE-2015-0204.patch: only allow ephemeral RSA keys in
      export ciphersuites in ssl/d1_srvr.c, ssl/s3_clnt.c, ssl/s3_srvr.c,
      ssl/ssl.h, adjust documentation in doc/ssl/SSL_CTX_set_options.pod,
      doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod.
    - CVE-2015-0204
 -- Marc Deslauriers <email address hidden>   Fri, 09 Jan 2015 11:16:50 -0500
Superseded in precise-updates on 2015-03-19
Superseded in precise-security on 2015-03-19
openssl (1.0.1-4ubuntu5.21) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service via unexpected handshake when
    no-ssl3 build option is used (not the default)
    - debian/patches/CVE-2014-3569.patch: keep the old method for now in
      ssl/s23_srvr.c.
    - CVE-2014-3569
  * SECURITY UPDATE: bignum squaring may produce incorrect results
    - debian/patches/CVE-2014-3570.patch: fix bignum logic in
      crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c,
      crypto/bn/bn_asm.c, removed crypto/bn/asm/mips3.s, added test to
      crypto/bn/bntest.c.
    - CVE-2014-3570
  * SECURITY UPDATE: DTLS segmentation fault in dtls1_get_record
    - debian/patches/CVE-2014-3571-1.patch: fix crash in ssl/d1_pkt.c,
      ssl/s3_pkt.c.
    - debian/patches/CVE-2014-3571-2.patch: make code more obvious in
      ssl/d1_pkt.c.
    - CVE-2014-3571
  * SECURITY UPDATE: ECDHE silently downgrades to ECDH [Client]
    - debian/patches/CVE-2014-3572.patch: don't skip server key exchange in
      ssl/s3_clnt.c.
    - CVE-2014-3572
  * SECURITY UPDATE: certificate fingerprints can be modified
    - debian/patches/CVE-2014-8275.patch: fix various fingerprint issues in
      crypto/asn1/a_bitstr.c, crypto/asn1/a_type.c, crypto/asn1/a_verify.c,
      crypto/asn1/asn1.h, crypto/asn1/asn1_err.c, crypto/asn1/x_algor.c,
      crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, crypto/x509/x509.h,
      crypto/x509/x_all.c.
    - CVE-2014-8275
  * SECURITY UPDATE: RSA silently downgrades to EXPORT_RSA [Client]
    - debian/patches/CVE-2015-0204.patch: only allow ephemeral RSA keys in
      export ciphersuites in ssl/d1_srvr.c, ssl/s3_clnt.c, ssl/s3_srvr.c,
      ssl/ssl.h, adjust documentation in doc/ssl/SSL_CTX_set_options.pod,
      doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod.
    - CVE-2015-0204
  * SECURITY UPDATE: DTLS memory leak in dtls1_buffer_record
    - debian/patches/CVE-2015-0206.patch: properly handle failures in
      ssl/d1_pkt.c.
    - CVE-2015-0206
  * debian/patches/CVE-2015-0205.patch: fix code to prevent confusion in
      ssl/s3_srvr.c.
 -- Marc Deslauriers <email address hidden>   Fri, 09 Jan 2015 10:24:21 -0500
Superseded in trusty-updates on 2015-03-19
Superseded in trusty-security on 2015-03-19
openssl (1.0.1f-1ubuntu2.8) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service via unexpected handshake when
    no-ssl3 build option is used (not the default)
    - debian/patches/CVE-2014-3569.patch: keep the old method for now in
      ssl/s23_srvr.c.
    - CVE-2014-3569
  * SECURITY UPDATE: bignum squaring may produce incorrect results
    - debian/patches/CVE-2014-3570.patch: fix bignum logic in
      crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c,
      crypto/bn/bn_asm.c, removed crypto/bn/asm/mips3.s, added test to
      crypto/bn/bntest.c.
    - CVE-2014-3570
  * SECURITY UPDATE: DTLS segmentation fault in dtls1_get_record
    - debian/patches/CVE-2014-3571-1.patch: fix crash in ssl/d1_pkt.c,
      ssl/s3_pkt.c.
    - debian/patches/CVE-2014-3571-2.patch: make code more obvious in
      ssl/d1_pkt.c.
    - CVE-2014-3571
  * SECURITY UPDATE: ECDHE silently downgrades to ECDH [Client]
    - debian/patches/CVE-2014-3572.patch: don't skip server key exchange in
      ssl/s3_clnt.c.
    - CVE-2014-3572
  * SECURITY UPDATE: certificate fingerprints can be modified
    - debian/patches/CVE-2014-8275.patch: fix various fingerprint issues in
      crypto/asn1/a_bitstr.c, crypto/asn1/a_type.c, crypto/asn1/a_verify.c,
      crypto/asn1/asn1.h, crypto/asn1/asn1_err.c, crypto/asn1/x_algor.c,
      crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, crypto/x509/x509.h,
      crypto/x509/x_all.c.
    - CVE-2014-8275
  * SECURITY UPDATE: RSA silently downgrades to EXPORT_RSA [Client]
    - debian/patches/CVE-2015-0204.patch: only allow ephemeral RSA keys in
      export ciphersuites in ssl/d1_srvr.c, ssl/s3_clnt.c, ssl/s3_srvr.c,
      ssl/ssl.h, adjust documentation in doc/ssl/SSL_CTX_set_options.pod,
      doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod.
    - CVE-2015-0204
  * SECURITY UPDATE: DH client certificates accepted without verification
    - debian/patches/CVE-2015-0205.patch: prevent use of DH client
      certificates without sending certificate verify message in
      ssl/s3_srvr.c.
    - CVE-2015-0205
  * SECURITY UPDATE: DTLS memory leak in dtls1_buffer_record
    - debian/patches/CVE-2015-0206.patch: properly handle failures in
      ssl/d1_pkt.c.
    - CVE-2015-0206
 -- Marc Deslauriers <email address hidden>   Fri, 09 Jan 2015 09:57:48 -0500
Superseded in utopic-updates on 2015-03-19
Superseded in utopic-security on 2015-03-19
openssl (1.0.1f-1ubuntu9.1) utopic-security; urgency=medium

  * SECURITY UPDATE: denial of service via unexpected handshake when
    no-ssl3 build option is used (not the default)
    - debian/patches/CVE-2014-3569.patch: keep the old method for now in
      ssl/s23_srvr.c.
    - CVE-2014-3569
  * SECURITY UPDATE: bignum squaring may produce incorrect results
    - debian/patches/CVE-2014-3570.patch: fix bignum logic in
      crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c,
      crypto/bn/bn_asm.c, removed crypto/bn/asm/mips3.s, added test to
      crypto/bn/bntest.c.
    - CVE-2014-3570
  * SECURITY UPDATE: DTLS segmentation fault in dtls1_get_record
    - debian/patches/CVE-2014-3571-1.patch: fix crash in ssl/d1_pkt.c,
      ssl/s3_pkt.c.
    - debian/patches/CVE-2014-3571-2.patch: make code more obvious in
      ssl/d1_pkt.c.
    - CVE-2014-3571
  * SECURITY UPDATE: ECDHE silently downgrades to ECDH [Client]
    - debian/patches/CVE-2014-3572.patch: don't skip server key exchange in
      ssl/s3_clnt.c.
    - CVE-2014-3572
  * SECURITY UPDATE: certificate fingerprints can be modified
    - debian/patches/CVE-2014-8275.patch: fix various fingerprint issues in
      crypto/asn1/a_bitstr.c, crypto/asn1/a_type.c, crypto/asn1/a_verify.c,
      crypto/asn1/asn1.h, crypto/asn1/asn1_err.c, crypto/asn1/x_algor.c,
      crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, crypto/x509/x509.h,
      crypto/x509/x_all.c.
    - CVE-2014-8275
  * SECURITY UPDATE: RSA silently downgrades to EXPORT_RSA [Client]
    - debian/patches/CVE-2015-0204.patch: only allow ephemeral RSA keys in
      export ciphersuites in ssl/d1_srvr.c, ssl/s3_clnt.c, ssl/s3_srvr.c,
      ssl/ssl.h, adjust documentation in doc/ssl/SSL_CTX_set_options.pod,
      doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod.
    - CVE-2015-0204
  * SECURITY UPDATE: DH client certificates accepted without verification
    - debian/patches/CVE-2015-0205.patch: prevent use of DH client
      certificates without sending certificate verify message in
      ssl/s3_srvr.c.
    - CVE-2015-0205
  * SECURITY UPDATE: DTLS memory leak in dtls1_buffer_record
    - debian/patches/CVE-2015-0206.patch: properly handle failures in
      ssl/d1_pkt.c.
    - CVE-2015-0206
 -- Marc Deslauriers <email address hidden>   Fri, 09 Jan 2015 09:47:17 -0500
Superseded in vivid-release on 2015-03-19
Deleted in vivid-proposed on 2015-03-20 (Reason: moved to release)
openssl (1.0.1f-1ubuntu10) vivid; urgency=medium

  * SECURITY UPDATE: denial of service via unexpected handshake when
    no-ssl3 build option is used (not the default)
    - debian/patches/CVE-2014-3569.patch: keep the old method for now in
      ssl/s23_srvr.c.
    - CVE-2014-3569
  * SECURITY UPDATE: bignum squaring may produce incorrect results
    - debian/patches/CVE-2014-3570.patch: fix bignum logic in
      crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c,
      crypto/bn/bn_asm.c, removed crypto/bn/asm/mips3.s, added test to
      crypto/bn/bntest.c.
    - CVE-2014-3570
  * SECURITY UPDATE: DTLS segmentation fault in dtls1_get_record
    - debian/patches/CVE-2014-3571-1.patch: fix crash in ssl/d1_pkt.c,
      ssl/s3_pkt.c.
    - debian/patches/CVE-2014-3571-2.patch: make code more obvious in
      ssl/d1_pkt.c.
    - CVE-2014-3571
  * SECURITY UPDATE: ECDHE silently downgrades to ECDH [Client]
    - debian/patches/CVE-2014-3572.patch: don't skip server key exchange in
      ssl/s3_clnt.c.
    - CVE-2014-3572
  * SECURITY UPDATE: certificate fingerprints can be modified
    - debian/patches/CVE-2014-8275.patch: fix various fingerprint issues in
      crypto/asn1/a_bitstr.c, crypto/asn1/a_type.c, crypto/asn1/a_verify.c,
      crypto/asn1/asn1.h, crypto/asn1/asn1_err.c, crypto/asn1/x_algor.c,
      crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, crypto/x509/x509.h,
      crypto/x509/x_all.c.
    - CVE-2014-8275
  * SECURITY UPDATE: RSA silently downgrades to EXPORT_RSA [Client]
    - debian/patches/CVE-2015-0204.patch: only allow ephemeral RSA keys in
      export ciphersuites in ssl/d1_srvr.c, ssl/s3_clnt.c, ssl/s3_srvr.c,
      ssl/ssl.h, adjust documentation in doc/ssl/SSL_CTX_set_options.pod,
      doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod.
    - CVE-2015-0204
  * SECURITY UPDATE: DH client certificates accepted without verification
    - debian/patches/CVE-2015-0205.patch: prevent use of DH client
      certificates without sending certificate verify message in
      ssl/s3_srvr.c.
    - CVE-2015-0205
  * SECURITY UPDATE: DTLS memory leak in dtls1_buffer_record
    - debian/patches/CVE-2015-0206.patch: properly handle failures in
      ssl/d1_pkt.c.
    - CVE-2015-0206
 -- Marc Deslauriers <email address hidden>   Fri, 09 Jan 2015 08:04:57 -0500
Superseded in vivid-release on 2015-01-09
Published in utopic-release on 2014-10-16
Deleted in utopic-proposed (Reason: moved to release)
openssl (1.0.1f-1ubuntu9) utopic; urgency=medium

  * SECURITY UPDATE: denial of service via DTLS SRTP memory leak
    - debian/patches/CVE-2014-3513.patch: fix logic in ssl/d1_srtp.c,
      ssl/srtp.h, ssl/t1_lib.c, util/mk1mf.pl, util/mkdef.pl,
      util/ssleay.num.
    - CVE-2014-3513
  * SECURITY UPDATE: denial of service via session ticket integrity check
    memory leak
    - debian/patches/CVE-2014-3567.patch: perform cleanup in ssl/t1_lib.c.
    - CVE-2014-3567
  * SECURITY UPDATE: fix the no-ssl3 build option
    - debian/patches/CVE-2014-3568.patch: fix conditional code in
      ssl/s23_clnt.c, ssl/s23_srvr.c.
    - CVE-2014-3568
  * SECURITY IMPROVEMENT: Added TLS_FALLBACK_SCSV support to mitigate a
    protocol downgrade attack to SSLv3 that exposes the POODLE attack.
    - debian/patches/tls_fallback_scsv_support.patch: added support for
      TLS_FALLBACK_SCSV in apps/s_client.c, crypto/err/openssl.ec,
      ssl/d1_lib.c, ssl/dtls1.h, ssl/s23_clnt.c, ssl/s23_srvr.c,
      ssl/s2_lib.c, ssl/s3_enc.c, ssl/s3_lib.c, ssl/ssl.h, ssl/ssl3.h,
      ssl/ssl_err.c, ssl/ssl_lib.c, ssl/t1_enc.c, ssl/tls1.h,
      doc/apps/s_client.pod, doc/ssl/SSL_CTX_set_mode.pod.
 -- Marc Deslauriers <email address hidden>   Thu, 16 Oct 2014 10:56:10 -0400
Superseded in lucid-updates on 2015-01-12
Superseded in lucid-security on 2015-01-12
openssl (0.9.8k-7ubuntu8.22) lucid-security; urgency=medium

  * SECURITY UPDATE: denial of service via session ticket integrity check
    memory leak
    - debian/patches/CVE-2014-3567.patch: perform cleanup in ssl/t1_lib.c.
    - CVE-2014-3567
  * SECURITY UPDATE: fix the no-ssl3 build option
    - debian/patches/CVE-2014-3568.patch: fix conditional code in
      ssl/s23_clnt.c, ssl/s23_srvr.c.
    - CVE-2014-3568
  * SECURITY IMPROVEMENT: Added TLS_FALLBACK_SCSV support to mitigate a
    protocol downgrade attack to SSLv3 that exposes the POODLE attack.
    - debian/patches/tls_fallback_scsv_support.patch: added support for
      TLS_FALLBACK_SCSV in apps/s_client.c, crypto/err/openssl.ec,
      ssl/d1_lib.c, ssl/dtls1.h, ssl/s23_clnt.c, ssl/s23_srvr.c,
      ssl/s2_lib.c, ssl/s3_enc.c, ssl/s3_lib.c, ssl/ssl.h, ssl/ssl3.h,
      ssl/ssl_err.c, ssl/ssl_lib.c, ssl/t1_enc.c, ssl/tls1.h,
      ssl/ssl_locl.h, doc/apps/s_client.pod, doc/ssl/SSL_CTX_set_mode.pod.
 -- Marc Deslauriers <email address hidden>   Wed, 15 Oct 2014 13:17:00 -0400
Superseded in precise-updates on 2015-01-12
Superseded in precise-security on 2015-01-12
openssl (1.0.1-4ubuntu5.20) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service via DTLS SRTP memory leak
    - debian/patches/CVE-2014-3513.patch: fix logic in ssl/d1_srtp.c,
      ssl/srtp.h, ssl/t1_lib.c, util/mk1mf.pl, util/mkdef.pl,
      util/ssleay.num.
    - CVE-2014-3513
  * SECURITY UPDATE: denial of service via session ticket integrity check
    memory leak
    - debian/patches/CVE-2014-3567.patch: perform cleanup in ssl/t1_lib.c.
    - CVE-2014-3567
  * SECURITY UPDATE: fix the no-ssl3 build option
    - debian/patches/CVE-2014-3568.patch: fix conditional code in
      ssl/s23_clnt.c, ssl/s23_srvr.c.
    - CVE-2014-3568
  * SECURITY IMPROVEMENT: Added TLS_FALLBACK_SCSV support to mitigate a
    protocol downgrade attack to SSLv3 that exposes the POODLE attack.
    - debian/patches/tls_fallback_scsv_support.patch: added support for
      TLS_FALLBACK_SCSV in apps/s_client.c, crypto/err/openssl.ec,
      ssl/d1_lib.c, ssl/dtls1.h, ssl/s23_clnt.c, ssl/s23_srvr.c,
      ssl/s2_lib.c, ssl/s3_enc.c, ssl/s3_lib.c, ssl/ssl.h, ssl/ssl3.h,
      ssl/ssl_err.c, ssl/ssl_lib.c, ssl/t1_enc.c, ssl/tls1.h,
      doc/apps/s_client.pod, doc/ssl/SSL_CTX_set_mode.pod.
 -- Marc Deslauriers <email address hidden>   Wed, 15 Oct 2014 13:12:15 -0400
Superseded in trusty-updates on 2015-01-12
Superseded in trusty-security on 2015-01-12
openssl (1.0.1f-1ubuntu2.7) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service via DTLS SRTP memory leak
    - debian/patches/CVE-2014-3513.patch: fix logic in ssl/d1_srtp.c,
      ssl/srtp.h, ssl/t1_lib.c, util/mk1mf.pl, util/mkdef.pl,
      util/ssleay.num.
    - CVE-2014-3513
  * SECURITY UPDATE: denial of service via session ticket integrity check
    memory leak
    - debian/patches/CVE-2014-3567.patch: perform cleanup in ssl/t1_lib.c.
    - CVE-2014-3567
  * SECURITY UPDATE: fix the no-ssl3 build option
    - debian/patches/CVE-2014-3568.patch: fix conditional code in
      ssl/s23_clnt.c, ssl/s23_srvr.c.
    - CVE-2014-3568
  * SECURITY IMPROVEMENT: Added TLS_FALLBACK_SCSV support to mitigate a
    protocol downgrade attack to SSLv3 that exposes the POODLE attack.
    - debian/patches/tls_fallback_scsv_support.patch: added support for
      TLS_FALLBACK_SCSV in apps/s_client.c, crypto/err/openssl.ec,
      ssl/d1_lib.c, ssl/dtls1.h, ssl/s23_clnt.c, ssl/s23_srvr.c,
      ssl/s2_lib.c, ssl/s3_enc.c, ssl/s3_lib.c, ssl/ssl.h, ssl/ssl3.h,
      ssl/ssl_err.c, ssl/ssl_lib.c, ssl/t1_enc.c, ssl/tls1.h,
      doc/apps/s_client.pod, doc/ssl/SSL_CTX_set_mode.pod.
 -- Marc Deslauriers <email address hidden>   Wed, 15 Oct 2014 12:56:03 -0400
Superseded in precise-updates on 2014-10-16
Superseded in precise-security on 2014-10-16
openssl (1.0.1-4ubuntu5.18) precise-security; urgency=medium

  * SECURITY IMPROVEMENT: remove cipher length limitation that was set to
    work around problematic servers when using TLSv1.2 back in 2012.
    (LP: #1376447)
    - Although TLSv1.2 is disabled for clients by default, forcing it
      enabled would truncate the cipher list, possibly removing important
      ciphers, and was also breaking secure renegotiations.
    - debian/patches/tls12_workarounds.patch: remove
      OPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50 from Configure.
 -- Marc Deslauriers <email address hidden>   Wed, 01 Oct 2014 16:15:14 -0400
Superseded in utopic-release on 2014-10-16
Deleted in utopic-proposed on 2014-10-18 (Reason: moved to release)
openssl (1.0.1f-1ubuntu8) utopic; urgency=medium

  * Backport collected POWER8 optimisations from upstream (LP: #1290579).
 -- Colin Watson <email address hidden>   Fri, 26 Sep 2014 11:32:32 +0100
Superseded in lucid-updates on 2014-10-16
Superseded in lucid-security on 2014-10-16
openssl (0.9.8k-7ubuntu8.21) lucid-security; urgency=medium

  * SECURITY UPDATE: Properly fix stateless session support (LP: #1356843)
    - fixes regression introduced with fix_renegotiation.patch.
    - debian/patches/fix_stateless_session.patch: added two commits from
      git to properly handle stateless sessions in ssl/s3_srvr.c,
      ssl/ssl_asn1.c, ssl/t1_lib.c.
 -- Marc Deslauriers <email address hidden>   Mon, 18 Aug 2014 11:17:08 -0400
Superseded in utopic-release on 2014-09-29
Deleted in utopic-proposed on 2014-10-01 (Reason: moved to release)
openssl (1.0.1f-1ubuntu7) utopic; urgency=medium

  * SECURITY UPDATE: double free when processing DTLS packets
    - debian/patches/CVE-2014-3505.patch: fix double free in ssl/d1_both.c.
    - CVE-2014-3505
  * SECURITY UPDATE: DTLS memory exhaustion
    - debian/patches/CVE-2014-3506.patch: fix DTLS handshake message size
      checks in ssl/d1_both.c.
    - CVE-2014-3506
  * SECURITY UPDATE: DTLS memory leak from zero-length fragments
    - debian/patches/CVE-2014-3507.patch: fix memory leak and return codes
      in ssl/d1_both.c.
    - CVE-2014-3507
  * SECURITY UPDATE: information leak in pretty printing functions
    - debian/patches/CVE-2014-3508.patch: fix OID handling in
      crypto/asn1/a_object.c, crypto/objects/obj_dat.c.
    - CVE-2014-3508
  * SECURITY UPDATE: race condition in ssl_parse_serverhello_tlsext
    - debian/patches/CVE-2014-3509.patch: fix race in ssl/t1_lib.c.
    - CVE-2014-3509
  * SECURITY UPDATE: DTLS anonymous EC(DH) denial of service
    - debian/patches/CVE-2014-3510.patch: check for server certs in
      ssl/d1_clnt.c, ssl/s3_clnt.c.
    - CVE-2014-3510
  * SECURITY UPDATE: TLS protocol downgrade attack
    - debian/patches/CVE-2014-3511.patch: properly handle fragments in
      ssl/s23_srvr.c.
    - CVE-2014-3511
  * SECURITY UPDATE: SRP buffer overrun
    - debian/patches/CVE-2014-3512.patch: check parameters in
      crypto/srp/srp_lib.c.
    - CVE-2014-3512
  * SECURITY UPDATE: crash with SRP ciphersuite in Server Hello message
    - debian/patches/CVE-2014-5139.patch: fix SRP authentication and make
      sure ciphersuite is set up correctly in ssl/s3_clnt.c, ssl/ssl_lib.c,
      ssl/s3_lib.c, ssl/ssl.h, ssl/ssl_ciph.c, ssl/ssl_locl.h.
    - CVE-2014-5139
 -- Marc Deslauriers <email address hidden>   Thu, 07 Aug 2014 09:34:54 -0400
Superseded in precise-updates on 2014-10-02
Superseded in precise-security on 2014-10-02
openssl (1.0.1-4ubuntu5.17) precise-security; urgency=medium

  * SECURITY UPDATE: double free when processing DTLS packets
    - debian/patches/CVE-2014-3505.patch: fix double free in ssl/d1_both.c.
    - CVE-2014-3505
  * SECURITY UPDATE: DTLS memory exhaustion
    - debian/patches/CVE-2014-3506.patch: fix DTLS handshake message size
      checks in ssl/d1_both.c.
    - CVE-2014-3506
  * SECURITY UPDATE: DTLS memory leak from zero-length fragments
    - debian/patches/CVE-2014-3507.patch: fix memory leak and return codes
      in ssl/d1_both.c.
    - CVE-2014-3507
  * SECURITY UPDATE: information leak in pretty printing functions
    - debian/patches/CVE-2014-3508.patch: fix OID handling in
      crypto/asn1/a_object.c, crypto/objects/obj_dat.c.
    - CVE-2014-3508
  * SECURITY UPDATE: race condition in ssl_parse_serverhello_tlsext
    - debian/patches/CVE-2014-3509.patch: fix race in ssl/t1_lib.c.
    - CVE-2014-3509
  * SECURITY UPDATE: DTLS anonymous EC(DH) denial of service
    - debian/patches/CVE-2014-3510.patch: check for server certs in
      ssl/d1_clnt.c, ssl/s3_clnt.c.
    - CVE-2014-3510
  * SECURITY UPDATE: TLS protocol downgrade attack
    - debian/patches/CVE-2014-3511.patch: properly handle fragments in
      ssl/s23_srvr.c.
    - CVE-2014-3511
  * SECURITY UPDATE: SRP buffer overrun
    - debian/patches/CVE-2014-3512.patch: check parameters in
      crypto/srp/srp_lib.c.
    - CVE-2014-3512
  * SECURITY UPDATE: crash with SRP ciphersuite in Server Hello message
    - debian/patches/CVE-2014-5139.patch: fix SRP authentication and make
      sure ciphersuite is set up correctly in ssl/s3_clnt.c, ssl/ssl_lib.c,
      ssl/s3_lib.c, ssl/ssl.h, ssl/ssl_ciph.c, ssl/ssl_locl.h.
    - CVE-2014-5139
 -- Marc Deslauriers <email address hidden>   Thu, 07 Aug 2014 08:16:48 -0400
Superseded in trusty-updates on 2014-10-16
Superseded in trusty-security on 2014-10-16
openssl (1.0.1f-1ubuntu2.5) trusty-security; urgency=medium

  * SECURITY UPDATE: double free when processing DTLS packets
    - debian/patches/CVE-2014-3505.patch: fix double free in ssl/d1_both.c.
    - CVE-2014-3505
  * SECURITY UPDATE: DTLS memory exhaustion
    - debian/patches/CVE-2014-3506.patch: fix DTLS handshake message size
      checks in ssl/d1_both.c.
    - CVE-2014-3506
  * SECURITY UPDATE: DTLS memory leak from zero-length fragments
    - debian/patches/CVE-2014-3507.patch: fix memory leak and return codes
      in ssl/d1_both.c.
    - CVE-2014-3507
  * SECURITY UPDATE: information leak in pretty printing functions
    - debian/patches/CVE-2014-3508.patch: fix OID handling in
      crypto/asn1/a_object.c, crypto/objects/obj_dat.c.
    - CVE-2014-3508
  * SECURITY UPDATE: race condition in ssl_parse_serverhello_tlsext
    - debian/patches/CVE-2014-3509.patch: fix race in ssl/t1_lib.c.
    - CVE-2014-3509
  * SECURITY UPDATE: DTLS anonymous EC(DH) denial of service
    - debian/patches/CVE-2014-3510.patch: check for server certs in
      ssl/d1_clnt.c, ssl/s3_clnt.c.
    - CVE-2014-3510
  * SECURITY UPDATE: TLS protocol downgrade attack
    - debian/patches/CVE-2014-3511.patch: properly handle fragments in
      ssl/s23_srvr.c.
    - CVE-2014-3511
  * SECURITY UPDATE: SRP buffer overrun
    - debian/patches/CVE-2014-3512.patch: check parameters in
      crypto/srp/srp_lib.c.
    - CVE-2014-3512
  * SECURITY UPDATE: crash with SRP ciphersuite in Server Hello message
    - debian/patches/CVE-2014-5139.patch: fix SRP authentication and make
      sure ciphersuite is set up correctly in ssl/s3_clnt.c, ssl/ssl_lib.c,
      ssl/s3_lib.c, ssl/ssl.h, ssl/ssl_ciph.c, ssl/ssl_locl.h.
    - CVE-2014-5139
 -- Marc Deslauriers <email address hidden>   Thu, 07 Aug 2014 08:03:21 -0400
Superseded in lucid-updates on 2014-08-18
Superseded in lucid-security on 2014-08-18
openssl (0.9.8k-7ubuntu8.20) lucid-security; urgency=medium

  * SECURITY UPDATE: double free when processing DTLS packets
    - debian/patches/CVE-2014-3505.patch: fix double free in ssl/d1_both.c.
    - CVE-2014-3505
  * SECURITY UPDATE: DTLS memory exhaustion
    - debian/patches/CVE-2014-3506.patch: fix DTLS handshake message size
      checks in ssl/d1_both.c.
    - CVE-2014-3506
  * SECURITY UPDATE: information leak in pretty printing functions
    - debian/patches/CVE-2014-3508.patch: fix OID handling in
      crypto/asn1/a_object.c, crypto/objects/obj_dat.c, crypto/asn1/asn1.h,
      crypto/asn1/asn1_err.c.
    - CVE-2014-3508
  * SECURITY UPDATE: DTLS anonymous EC(DH) denial of service
    - debian/patches/CVE-2014-3510.patch: check for server certs in
      ssl/d1_clnt.c, ssl/s3_clnt.c.
    - CVE-2014-3510
  * SECURITY UPDATE: TLS protocol downgrade attack
    - debian/patches/CVE-2014-3511.patch: properly handle fragments in
      ssl/s23_srvr.c.
    - CVE-2014-3511
 -- Marc Deslauriers <email address hidden>   Thu, 07 Aug 2014 08:48:43 -0400

Available diffs

Superseded in utopic-release on 2014-08-07
Deleted in utopic-proposed on 2014-08-08 (Reason: moved to release)
openssl (1.0.1f-1ubuntu6) utopic; urgency=medium

  * SECURITY UPDATE: regression with certain renegotiations (LP: #1332643)
    - debian/patches/CVE-2014-0224-regression2.patch: accept CCS after
      sending finished ssl/s3_clnt.c.
 -- Marc Deslauriers <email address hidden>   Fri, 20 Jun 2014 13:51:23 -0400
Superseded in lucid-updates on 2014-08-07
Superseded in lucid-security on 2014-08-07
openssl (0.9.8k-7ubuntu8.19) lucid-security; urgency=medium

  * SECURITY UPDATE: regression with certain renegotiations (LP: #1332643)
    - debian/patches/CVE-2014-0224-regression2.patch: accept CCS after
      sending finished ssl/s3_clnt.c.
 -- Marc Deslauriers <email address hidden>   Fri, 20 Jun 2014 13:59:20 -0400
Superseded in precise-updates on 2014-08-07
Superseded in precise-security on 2014-08-07
openssl (1.0.1-4ubuntu5.16) precise-security; urgency=medium

  * SECURITY UPDATE: regression with certain renegotiations (LP: #1332643)
    - debian/patches/CVE-2014-0224-regression2.patch: accept CCS after
      sending finished ssl/s3_clnt.c.
 -- Marc Deslauriers <email address hidden>   Fri, 20 Jun 2014 13:57:48 -0400
Obsolete in saucy-updates on 2015-04-24
Obsolete in saucy-security on 2015-04-24
openssl (1.0.1e-3ubuntu1.6) saucy-security; urgency=medium

  * SECURITY UPDATE: regression with certain renegotiations (LP: #1332643)
    - debian/patches/CVE-2014-0224-regression2.patch: accept CCS after
      sending finished ssl/s3_clnt.c.
 -- Marc Deslauriers <email address hidden>   Fri, 20 Jun 2014 13:56:05 -0400
Superseded in trusty-updates on 2014-08-07
Superseded in trusty-security on 2014-08-07
openssl (1.0.1f-1ubuntu2.4) trusty-security; urgency=medium

  * SECURITY UPDATE: regression with certain renegotiations (LP: #1332643)
    - debian/patches/CVE-2014-0224-regression2.patch: accept CCS after
      sending finished ssl/s3_clnt.c.
 -- Marc Deslauriers <email address hidden>   Fri, 20 Jun 2014 13:55:11 -0400
Superseded in utopic-release on 2014-06-23
Deleted in utopic-proposed on 2014-06-24 (Reason: moved to release)
openssl (1.0.1f-1ubuntu5) utopic; urgency=medium

  * SECURITY UPDATE: regression with tls_session_secret_cb (LP: #1329297)
    - debian/patches/CVE-2014-0224.patch: set the CCS_OK flag when using
      tls_session_secret_cb for session resumption in ssl/s3_clnt.c.
 -- Marc Deslauriers <email address hidden>   Thu, 12 Jun 2014 08:23:12 -0400

Available diffs

Superseded in precise-updates on 2014-06-23
Superseded in precise-security on 2014-06-23
openssl (1.0.1-4ubuntu5.15) precise-security; urgency=medium

  * SECURITY UPDATE: regression with tls_session_secret_cb (LP: #1329297)
    - debian/patches/CVE-2014-0224.patch: set the CCS_OK flag when using
      tls_session_secret_cb for session resumption in ssl/s3_clnt.c.
 -- Marc Deslauriers <email address hidden>   Thu, 12 Jun 2014 08:30:56 -0400
Superseded in saucy-updates on 2014-06-23
Superseded in saucy-security on 2014-06-23
openssl (1.0.1e-3ubuntu1.5) saucy-security; urgency=medium

  * SECURITY UPDATE: regression with tls_session_secret_cb (LP: #1329297)
    - debian/patches/CVE-2014-0224.patch: set the CCS_OK flag when using
      tls_session_secret_cb for session resumption in ssl/s3_clnt.c.
 -- Marc Deslauriers <email address hidden>   Thu, 12 Jun 2014 08:30:03 -0400
Superseded in trusty-updates on 2014-06-23
Superseded in trusty-security on 2014-06-23
openssl (1.0.1f-1ubuntu2.3) trusty-security; urgency=medium

  * SECURITY UPDATE: regression with tls_session_secret_cb (LP: #1329297)
    - debian/patches/CVE-2014-0224.patch: set the CCS_OK flag when using
      tls_session_secret_cb for session resumption in ssl/s3_clnt.c.
 -- Marc Deslauriers <email address hidden>   Thu, 12 Jun 2014 08:29:16 -0400
Superseded in utopic-release on 2014-06-12
Deleted in utopic-proposed on 2014-06-13 (Reason: moved to release)
openssl (1.0.1f-1ubuntu4) utopic; urgency=medium

  * SECURITY UPDATE: arbitrary code execution via DTLS invalid fragment
    - debian/patches/CVE-2014-0195.patch: add consistency check for DTLS
      fragments in ssl/d1_both.c.
    - CVE-2014-0195
  * SECURITY UPDATE: denial of service via DTLS recursion flaw
    - debian/patches/CVE-2014-0221.patch: handle DTLS hello request without
      recursion in ssl/d1_both.c.
    - CVE-2014-0221
  * SECURITY UPDATE: MITM via change cipher spec
    - debian/patches/CVE-2014-0224-1.patch: only accept change cipher spec
      when it is expected in ssl/s3_clnt.c, ssl/s3_pkt.c, ssl/s3_srvr.c,
      ssl/ssl3.h.
    - debian/patches/CVE-2014-0224-2.patch: don't accept zero length master
      secrets in ssl/s3_pkt.c.
    - debian/patches/CVE-2014-0224-3.patch: allow CCS after resumption in
      ssl/s3_clnt.c.
    - CVE-2014-0224
  * SECURITY UPDATE: denial of service via ECDH null session cert
    - debian/patches/CVE-2014-3470.patch: check session_cert is not NULL
      before dereferencing it in ssl/s3_clnt.c.
    - CVE-2014-3470
 -- Marc Deslauriers <email address hidden>   Thu, 05 Jun 2014 08:39:17 -0400
Superseded in lucid-updates on 2014-06-23
Superseded in lucid-security on 2014-06-23
openssl (0.9.8k-7ubuntu8.18) lucid-security; urgency=medium

  * SECURITY UPDATE: MITM via change cipher spec
    - debian/patches/CVE-2014-0224-1.patch: only accept change cipher spec
      when it is expected in ssl/s3_clnt.c, ssl/s3_pkt.c, ssl/s3_srvr.c,
      ssl/ssl3.h.
    - debian/patches/CVE-2014-0224-2.patch: don't accept zero length master
      secrets in ssl/s3_pkt.c.
    - debian/patches/CVE-2014-0224-3.patch: allow CCS after resumption in
      ssl/s3_clnt.c.
    - debian/patches/fix_renegotiation.patch: add upstream commit to fix
      renegotiation in ssl/s3_clnt.c, ssl/t1_lib.c.
    - CVE-2014-0224
  * SECURITY UPDATE: denial of service via DTLS recursion flaw
    - debian/patches/CVE-2014-0221.patch: handle DTLS hello request without
      recursion in ssl/d1_both.c.
    - CVE-2014-0221
 -- Marc Deslauriers <email address hidden>   Wed, 04 Jun 2014 19:32:47 -0400
Superseded in precise-updates on 2014-06-12
Superseded in precise-security on 2014-06-12
openssl (1.0.1-4ubuntu5.14) precise-security; urgency=medium

  * SECURITY UPDATE: arbitrary code execution via DTLS invalid fragment
    - debian/patches/CVE-2014-0195.patch: add consistency check for DTLS
      fragments in ssl/d1_both.c.
    - CVE-2014-0195
  * SECURITY UPDATE: denial of service via DTLS recursion flaw
    - debian/patches/CVE-2014-0221.patch: handle DTLS hello request without
      recursion in ssl/d1_both.c.
    - CVE-2014-0221
  * SECURITY UPDATE: MITM via change cipher spec
    - debian/patches/CVE-2014-0224-1.patch: only accept change cipher spec
      when it is expected in ssl/s3_clnt.c, ssl/s3_pkt.c, ssl/s3_srvr.c,
      ssl/ssl3.h.
    - debian/patches/CVE-2014-0224-2.patch: don't accept zero length master
      secrets in ssl/s3_pkt.c.
    - debian/patches/CVE-2014-0224-3.patch: allow CCS after resumption in
      ssl/s3_clnt.c.
    - CVE-2014-0224
  * SECURITY UPDATE: denial of service via ECDH null session cert
    - debian/patches/CVE-2014-3470.patch: check session_cert is not NULL
      before dereferencing it in ssl/s3_clnt.c.
    - CVE-2014-3470
 -- Marc Deslauriers <email address hidden>   Mon, 02 Jun 2014 14:05:34 -0400
Superseded in saucy-updates on 2014-06-12
Superseded in saucy-security on 2014-06-12
openssl (1.0.1e-3ubuntu1.4) saucy-security; urgency=medium

  * SECURITY UPDATE: arbitrary code execution via DTLS invalid fragment
    - debian/patches/CVE-2014-0195.patch: add consistency check for DTLS
      fragments in ssl/d1_both.c.
    - CVE-2014-0195
  * SECURITY UPDATE: denial of service via DTLS recursion flaw
    - debian/patches/CVE-2014-0221.patch: handle DTLS hello request without
      recursion in ssl/d1_both.c.
    - CVE-2014-0221
  * SECURITY UPDATE: MITM via change cipher spec
    - debian/patches/CVE-2014-0224-1.patch: only accept change cipher spec
      when it is expected in ssl/s3_clnt.c, ssl/s3_pkt.c, ssl/s3_srvr.c,
      ssl/ssl3.h.
    - debian/patches/CVE-2014-0224-2.patch: don't accept zero length master
      secrets in ssl/s3_pkt.c.
    - debian/patches/CVE-2014-0224-3.patch: allow CCS after resumption in
      ssl/s3_clnt.c.
    - CVE-2014-0224
  * SECURITY UPDATE: denial of service via ECDH null session cert
    - debian/patches/CVE-2014-3470.patch: check session_cert is not NULL
      before dereferencing it in ssl/s3_clnt.c.
    - CVE-2014-3470
 -- Marc Deslauriers <email address hidden>   Mon, 02 Jun 2014 14:04:18 -0400
Superseded in trusty-updates on 2014-06-12
Superseded in trusty-security on 2014-06-12
openssl (1.0.1f-1ubuntu2.2) trusty-security; urgency=medium

  * SECURITY UPDATE: arbitrary code execution via DTLS invalid fragment
    - debian/patches/CVE-2014-0195.patch: add consistency check for DTLS
      fragments in ssl/d1_both.c.
    - CVE-2014-0195
  * SECURITY UPDATE: denial of service via DTLS recursion flaw
    - debian/patches/CVE-2014-0221.patch: handle DTLS hello request without
      recursion in ssl/d1_both.c.
    - CVE-2014-0221
  * SECURITY UPDATE: MITM via change cipher spec
    - debian/patches/CVE-2014-0224-1.patch: only accept change cipher spec
      when it is expected in ssl/s3_clnt.c, ssl/s3_pkt.c, ssl/s3_srvr.c,
      ssl/ssl3.h.
    - debian/patches/CVE-2014-0224-2.patch: don't accept zero length master
      secrets in ssl/s3_pkt.c.
    - debian/patches/CVE-2014-0224-3.patch: allow CCS after resumption in
      ssl/s3_clnt.c.
    - CVE-2014-0224
  * SECURITY UPDATE: denial of service via ECDH null session cert
    - debian/patches/CVE-2014-3470.patch: check session_cert is not NULL
      before dereferencing it in ssl/s3_clnt.c.
    - CVE-2014-3470
 -- Marc Deslauriers <email address hidden>   Mon, 02 Jun 2014 13:57:34 -0400
Superseded in utopic-release on 2014-06-05
Deleted in utopic-proposed on 2014-06-06 (Reason: moved to release)
openssl (1.0.1f-1ubuntu3) utopic; urgency=medium

  * SECURITY UPDATE: denial of service via use after free
    - debian/patches/CVE-2010-5298.patch: check s->s3->rbuf.left before
      releasing buffers in ssl/s3_pkt.c.
    - CVE-2010-5298
  * SECURITY UPDATE: denial of service via null pointer dereference
    - debian/patches/CVE-2014-0198.patch: if buffer was released, get a new
      one in ssl/s3_pkt.c.
    - CVE-2014-0198
 -- Marc Deslauriers <email address hidden>   Fri, 02 May 2014 15:18:26 -0400
Superseded in trusty-updates on 2014-06-05
Superseded in trusty-security on 2014-06-05
openssl (1.0.1f-1ubuntu2.1) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service via use after free
    - debian/patches/CVE-2010-5298.patch: check s->s3->rbuf.left before
      releasing buffers in ssl/s3_pkt.c.
    - CVE-2010-5298
  * SECURITY UPDATE: denial of service via null pointer dereference
    - debian/patches/CVE-2014-0198.patch: if buffer was released, get a new
      one in ssl/s3_pkt.c.
    - CVE-2014-0198
 -- Marc Deslauriers <email address hidden>   Fri, 02 May 2014 15:23:01 -0400
Superseded in saucy-updates on 2014-06-05
Superseded in saucy-security on 2014-06-05
openssl (1.0.1e-3ubuntu1.3) saucy-security; urgency=medium

  * SECURITY UPDATE: denial of service via use after free
    - debian/patches/CVE-2010-5298.patch: check s->s3->rbuf.left before
      releasing buffers in ssl/s3_pkt.c.
    - CVE-2010-5298
  * SECURITY UPDATE: denial of service via null pointer dereference
    - debian/patches/CVE-2014-0198.patch: if buffer was released, get a new
      one in ssl/s3_pkt.c.
    - CVE-2014-0198
 -- Marc Deslauriers <email address hidden>   Fri, 02 May 2014 15:27:06 -0400
Superseded in precise-updates on 2014-06-05
Superseded in precise-security on 2014-06-05
openssl (1.0.1-4ubuntu5.13) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service via use after free
    - debian/patches/CVE-2010-5298.patch: check s->s3->rbuf.left before
      releasing buffers in ssl/s3_pkt.c.
    - CVE-2010-5298
  * SECURITY UPDATE: denial of service via null pointer dereference
    - debian/patches/CVE-2014-0198.patch: if buffer was released, get a new
      one in ssl/s3_pkt.c.
    - CVE-2014-0198
 -- Marc Deslauriers <email address hidden>   Fri, 02 May 2014 15:28:21 -0400
Obsolete in quantal-updates on 2015-04-24
Obsolete in quantal-security on 2015-04-24
openssl (1.0.1c-3ubuntu2.8) quantal-security; urgency=medium

  * SECURITY UPDATE: denial of service via use after free
    - debian/patches/CVE-2010-5298.patch: check s->s3->rbuf.left before
      releasing buffers in ssl/s3_pkt.c.
    - CVE-2010-5298
  * SECURITY UPDATE: denial of service via null pointer dereference
    - debian/patches/CVE-2014-0198.patch: if buffer was released, get a new
      one in ssl/s3_pkt.c.
    - CVE-2014-0198
 -- Marc Deslauriers <email address hidden>   Fri, 02 May 2014 15:27:44 -0400
Superseded in utopic-release on 2014-05-02
Published in trusty-release on 2014-04-07
Deleted in trusty-proposed (Reason: moved to release)
openssl (1.0.1f-1ubuntu2) trusty; urgency=medium

  * SECURITY UPDATE: side-channel attack on Montgomery ladder implementation
    - debian/patches/CVE-2014-0076.patch: add and use constant time swap in
      crypto/bn/bn.h, crypto/bn/bn_lib.c, crypto/ec/ec2_mult.c,
      util/libeay.num.
    - CVE-2014-0076
  * SECURITY UPDATE: memory disclosure in TLS heartbeat extension
    - debian/patches/CVE-2014-0160.patch: use correct lengths in
      ssl/d1_both.c, ssl/t1_lib.c.
    - CVE-2014-0160
 -- Marc Deslauriers <email address hidden>   Mon, 07 Apr 2014 15:37:53 -0400
Superseded in precise-updates on 2014-05-05
Superseded in precise-security on 2014-05-05
openssl (1.0.1-4ubuntu5.12) precise-security; urgency=medium

  * SECURITY UPDATE: side-channel attack on Montgomery ladder implementation
    - debian/patches/CVE-2014-0076.patch: add and use constant time swap in
      crypto/bn/bn.h, crypto/bn/bn_lib.c, crypto/ec/ec2_mult.c,
      util/libeay.num.
    - CVE-2014-0076
  * SECURITY UPDATE: memory disclosure in TLS heartbeat extension
    - debian/patches/CVE-2014-0160.patch: use correct lengths in
      ssl/d1_both.c, ssl/t1_lib.c.
    - CVE-2014-0160
 -- Marc Deslauriers <email address hidden>   Mon, 07 Apr 2014 15:45:14 -0400
Superseded in quantal-updates on 2014-05-05
Superseded in quantal-security on 2014-05-05
openssl (1.0.1c-3ubuntu2.7) quantal-security; urgency=medium

  * SECURITY UPDATE: side-channel attack on Montgomery ladder implementation
    - debian/patches/CVE-2014-0076.patch: add and use constant time swap in
      crypto/bn/bn.h, crypto/bn/bn_lib.c, crypto/ec/ec2_mult.c,
      util/libeay.num.
    - CVE-2014-0076
  * SECURITY UPDATE: memory disclosure in TLS heartbeat extension
    - debian/patches/CVE-2014-0160.patch: use correct lengths in
      ssl/d1_both.c, ssl/t1_lib.c.
    - CVE-2014-0160
 -- Marc Deslauriers <email address hidden>   Mon, 07 Apr 2014 15:44:36 -0400
Superseded in saucy-updates on 2014-05-05
Superseded in saucy-security on 2014-05-05
openssl (1.0.1e-3ubuntu1.2) saucy-security; urgency=medium

  * SECURITY UPDATE: side-channel attack on Montgomery ladder implementation
    - debian/patches/CVE-2014-0076.patch: add and use constant time swap in
      crypto/bn/bn.h, crypto/bn/bn_lib.c, crypto/ec/ec2_mult.c,
      util/libeay.num.
    - CVE-2014-0076
  * SECURITY UPDATE: memory disclosure in TLS heartbeat extension
    - debian/patches/CVE-2014-0160.patch: use correct lengths in
      ssl/d1_both.c, ssl/t1_lib.c.
    - CVE-2014-0160
 -- Marc Deslauriers <email address hidden>   Mon, 07 Apr 2014 15:43:47 -0400
Superseded in trusty-release on 2014-04-07
Deleted in trusty-proposed on 2014-04-09 (Reason: moved to release)
openssl (1.0.1f-1ubuntu1) trusty; urgency=low

  * Merge with Debian, remaining changes.
    - debian/libssl1.0.0.postinst:
      + Display a system restart required notification on libssl1.0.0
        upgrade on servers.
      + Use a different priority for libssl1.0.0/restart-services depending
        on whether a desktop, or server dist-upgrade is being performed.
    - debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
      libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
      in Debian).
    - debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
      rules}: Move runtime libraries to /lib, for the benefit of
      wpasupplicant.
    - debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
      .pc.
    - debian/rules:
      + Don't run 'make test' when cross-building.
      + Use host compiler when cross-building.  Patch from Neil Williams.
      + Don't build for processors no longer supported: i586 (on i386)
      + Fix Makefile to properly clean up libs/ dirs in clean target.
      + Replace duplicate files in the doc directory with symlinks.
    - debian/control: Mark Debian Vcs-* as XS-Debian-Vcs-*
    - debian/patches/ubuntu_deb676533_arm_asm.patch: Enable arm assembly
      code.
    - debian/rules: Enable optimized 64bit elliptic curve code contributed
      by Google.
  * Dropped changes:
    - debian/patches/arm64-support: included in debian-targets.patch
    - debian/patches/no_default_rdrand.patch: upstream
    - debian/patches/openssl-1.0.1e-env-zlib.patch: zlib is now completely
      disabled in debian/rules

Available diffs

Superseded in saucy-updates on 2014-04-07
Superseded in saucy-security on 2014-04-07
openssl (1.0.1e-3ubuntu1.1) saucy-security; urgency=low

  * SECURITY UPDATE: denial of service via invalid TLS handshake
    - debian/patches/CVE-2013-4353.patch: handle no new cipher setup in
      ssl/s3_both.c.
    - CVE-2013-4353
  * SECURITY UPDATE: denial of service via incorrect data structure
    - debian/patches/CVE-2013-6449.patch: check for handshake digests in
      ssl/s3_both.c,ssl/s3_pkt.c,ssl/t1_enc.c, use proper version in
      ssl/s3_lib.c.
    - CVE-2013-6449
  * SECURITY UPDATE: denial of service via DTLS retransmission
    - debian/patches/CVE-2013-6450.patch: fix DTLS retransmission in
      crypto/evp/digest.c,ssl/d1_both.c,ssl/s3_pkt.c,ssl/s3_srvr.c,
      ssl/ssl_locl.h,ssl/t1_enc.c.
    - CVE-2013-6450
  * debian/patches/no_default_rdrand.patch: Don't use rdrand engine as
    default unless explicitly requested.
 -- Marc Deslauriers <email address hidden>   Wed, 08 Jan 2014 14:47:29 -0500
Superseded in quantal-updates on 2014-04-07
Superseded in quantal-security on 2014-04-07
openssl (1.0.1c-3ubuntu2.6) quantal-security; urgency=low

  * SECURITY UPDATE: denial of service via invalid TLS handshake
    - debian/patches/CVE-2013-4353.patch: handle no new cipher setup in
      ssl/s3_both.c.
    - CVE-2013-4353
  * SECURITY UPDATE: denial of service via incorrect data structure
    - debian/patches/CVE-2013-6449.patch: check for handshake digests in
      ssl/s3_both.c,ssl/s3_pkt.c,ssl/t1_enc.c, use proper version in
      ssl/s3_lib.c.
    - CVE-2013-6449
  * SECURITY UPDATE: denial of service via DTLS retransmission
    - debian/patches/CVE-2013-6450.patch: fix DTLS retransmission in
      crypto/evp/digest.c,ssl/d1_both.c,ssl/s3_pkt.c,ssl/s3_srvr.c,
      ssl/ssl_locl.h,ssl/t1_enc.c.
    - CVE-2013-6450
  * debian/patches/no_default_rdrand.patch: Don't use rdrand engine as
    default unless explicitly requested.
 -- Marc Deslauriers <email address hidden>   Wed, 08 Jan 2014 14:58:35 -0500
Obsolete in raring-updates on 2015-04-24
Obsolete in raring-security on 2015-04-24
openssl (1.0.1c-4ubuntu8.2) raring-security; urgency=low

  * SECURITY UPDATE: denial of service via invalid TLS handshake
    - debian/patches/CVE-2013-4353.patch: handle no new cipher setup in
      ssl/s3_both.c.
    - CVE-2013-4353
  * SECURITY UPDATE: denial of service via incorrect data structure
    - debian/patches/CVE-2013-6449.patch: check for handshake digests in
      ssl/s3_both.c,ssl/s3_pkt.c,ssl/t1_enc.c, use proper version in
      ssl/s3_lib.c.
    - CVE-2013-6449
  * SECURITY UPDATE: denial of service via DTLS retransmission
    - debian/patches/CVE-2013-6450.patch: fix DTLS retransmission in
      crypto/evp/digest.c,ssl/d1_both.c,ssl/s3_pkt.c,ssl/s3_srvr.c,
      ssl/ssl_locl.h,ssl/t1_enc.c.
    - CVE-2013-6450
  * debian/patches/no_default_rdrand.patch: Don't use rdrand engine as
    default unless explicitly requested.
 -- Marc Deslauriers <email address hidden>   Wed, 08 Jan 2014 14:55:58 -0500
Superseded in precise-updates on 2014-04-07
Superseded in precise-security on 2014-04-07
openssl (1.0.1-4ubuntu5.11) precise-security; urgency=low

  * SECURITY UPDATE: denial of service via invalid TLS handshake
    - debian/patches/CVE-2013-4353.patch: handle no new cipher setup in
      ssl/s3_both.c.
    - CVE-2013-4353
  * SECURITY UPDATE: denial of service via incorrect data structure
    - debian/patches/CVE-2013-6449.patch: check for handshake digests in
      ssl/s3_both.c,ssl/s3_pkt.c,ssl/t1_enc.c, use proper version in
      ssl/s3_lib.c.
    - CVE-2013-6449
  * SECURITY UPDATE: denial of service via DTLS retransmission
    - debian/patches/CVE-2013-6450.patch: fix DTLS retransmission in
      crypto/evp/digest.c,ssl/d1_both.c,ssl/s3_pkt.c,ssl/s3_srvr.c,
      ssl/ssl_locl.h,ssl/t1_enc.c.
    - CVE-2013-6450
  * debian/patches/no_default_rdrand.patch: Don't use rdrand engine as
    default unless explicitly requested.
 -- Marc Deslauriers <email address hidden>   Wed, 08 Jan 2014 14:59:50 -0500
Superseded in trusty-release on 2014-01-10
Deleted in trusty-proposed on 2014-01-11 (Reason: moved to release)
openssl (1.0.1e-4ubuntu4) trusty; urgency=low

  * debian/patches/no_default_rdrand.patch: Don't use rdrand engine as
    default unless explicitly requested.
 -- Marc Deslauriers <email address hidden>   Thu, 19 Dec 2013 15:39:22 -0500

Available diffs

Superseded in trusty-release on 2013-12-20
Deleted in trusty-proposed on 2013-12-21 (Reason: moved to release)
openssl (1.0.1e-4ubuntu3) trusty; urgency=medium

  * Update debian configuration.
 -- Matthias Klose <email address hidden>   Thu, 05 Dec 2013 14:34:48 +0100
Superseded in trusty-release on 2013-12-05
Deleted in trusty-proposed on 2013-12-06 (Reason: moved to release)
openssl (1.0.1e-4ubuntu2) trusty; urgency=low

  * Re-enable full TLSv1.2 support (LP: #1257877)
    - debian/patches/tls12_workarounds.patch: disable patch to re-enable
      full TLSv1.2 support. Most problematic sites have been fixed now, and
      we really want proper TLSv1.2 support in an LTS.
 -- Marc Deslauriers <email address hidden>   Wed, 04 Dec 2013 12:33:44 -0500

Available diffs

Superseded in trusty-release on 2013-12-05
Deleted in trusty-proposed on 2013-12-06 (Reason: moved to release)
openssl (1.0.1e-4ubuntu1) trusty; urgency=low

  * Merge with Debian; remaining changes same as in 1.0.1e-3ubuntu1.

Superseded in trusty-release on 2013-12-04
Obsolete in saucy-release on 2015-04-24
Deleted in saucy-proposed on 2015-04-28 (Reason: moved to release)
openssl (1.0.1e-3ubuntu1) saucy; urgency=low

  * Merge with Debian, remaining changes.
    - debian/libssl1.0.0.postinst:
      + Display a system restart required notification on libssl1.0.0
        upgrade on servers.
      + Use a different priority for libssl1.0.0/restart-services depending
        on whether a desktop, or server dist-upgrade is being performed.
    - debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
      libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
      in Debian).
    - debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
      rules}: Move runtime libraries to /lib, for the benefit of
      wpasupplicant.
    - debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
      .pc.
    - debian/rules:
      + Don't run 'make test' when cross-building.
      + Use host compiler when cross-building.  Patch from Neil Williams.
      + Don't build for processors no longer supported: i586 (on i386)
      + Fix Makefile to properly clean up libs/ dirs in clean target.
      + Replace duplicate files in the doc directory with symlinks.
    - Unapply patch c_rehash-multi and comment it out in the series as it
      breaks parsing of certificates with CRLF line endings and other cases
      (see Debian #642314 for discussion), it also changes the semantics of
      c_rehash directories by requiring applications to parse hash link
      targets as files containing potentially *multiple* certificates rather
      than exactly one.
    - debian/patches/tls12_workarounds.patch: Workaround large client hello
      issues when TLS 1.1 and lower is in use
    - debian/control: Mark Debian Vcs-* as XS-Debian-Vcs-*
    - debian/patches/ubuntu_deb676533_arm_asm.patch: Enable arm assembly
      code.
    - debian/patches/arm64-support: Add basic arm64 support (no assembler)
    - debian/rules: Enable optimized 64bit elliptic curve code contributed
      by Google.
  * debian/patches/tls12_workarounds.patch: updated to also disable TLS 1.2
    in test suite since we disable it in the client.
  * Disable compression to avoid CRIME systemwide (CVE-2012-4929).
  * Dropped changes:
    - debian/patches/ubuntu_deb676533_arm_asm.patch, applied in Debian.

Superseded in saucy-release on 2013-07-27
Deleted in saucy-proposed on 2013-07-28 (Reason: moved to release)
openssl (1.0.1e-2ubuntu1.1) saucy-security; urgency=low

  * SECURITY UPDATE: Disable compression to avoid CRIME systemwide
    (LP: #1187195)
    - CVE-2012-4929
    - debian/patches/openssl-1.0.1e-env-zlib.patch: disable default use of
      zlib to compress SSL/TLS unless the environment variable
      OPENSSL_DEFAULT_ZLIB is set in the environment during library
      initialization.
    - Introduced to assist with programs not yet updated to provide their own
      controls on compression, such as Postfix
    - http://pkgs.fedoraproject.org/cgit/openssl.git/plain/openssl-1.0.1e-env-zlib.patch
 -- Seth Arnold <email address hidden>   Mon, 03 Jun 2013 18:14:05 -0700
Superseded in raring-updates on 2014-01-09
Superseded in raring-security on 2014-01-09
Deleted in raring-proposed on 2014-01-11 (Reason: moved to -updates)
openssl (1.0.1c-4ubuntu8.1) raring-security; urgency=low

  * SECURITY UPDATE: Disable compression to avoid CRIME systemwide
    (LP: #1187195)
    - CVE-2012-4929
    - debian/patches/openssl-1.0.1e-env-zlib.patch: disable default use of
      zlib to compress SSL/TLS unless the environment variable
      OPENSSL_DEFAULT_ZLIB is set in the environment during library
      initialization.
    - Introduced to assist with programs not yet updated to provide their own
      controls on compression, such as Postfix
    - http://pkgs.fedoraproject.org/cgit/openssl.git/plain/openssl-1.0.1e-env-zlib.patch
 -- Seth Arnold <email address hidden>   Mon, 03 Jun 2013 18:13:47 -0700
Superseded in quantal-updates on 2014-01-09
Superseded in quantal-security on 2014-01-09
Deleted in quantal-proposed on 2014-01-11 (Reason: moved to -updates)
openssl (1.0.1c-3ubuntu2.5) quantal-security; urgency=low

  * SECURITY UPDATE: Disable compression to avoid CRIME systemwide
    (LP: #1187195)
    - CVE-2012-4929
    - debian/patches/openssl-1.0.1e-env-zlib.patch: disable default use of
      zlib to compress SSL/TLS unless the environment variable
      OPENSSL_DEFAULT_ZLIB is set in the environment during library
      initialization.
    - Introduced to assist with programs not yet updated to provide their own
      controls on compression, such as Postfix
    - http://pkgs.fedoraproject.org/cgit/openssl.git/plain/openssl-1.0.1e-env-zlib.patch
 -- Seth Arnold <email address hidden>   Mon, 03 Jun 2013 18:13:33 -0700
Superseded in precise-updates on 2014-01-09
Superseded in precise-security on 2014-01-09
Deleted in precise-proposed on 2014-01-11 (Reason: moved to -updates)
openssl (1.0.1-4ubuntu5.10) precise-security; urgency=low

  * SECURITY UPDATE: Disable compression to avoid CRIME systemwide
    (LP: #1187195)
    - CVE-2012-4929
    - debian/patches/openssl-1.0.1e-env-zlib.patch: disable default use of
      zlib to compress SSL/TLS unless the environment variable
      OPENSSL_DEFAULT_ZLIB is set in the environment during library
      initialization.
    - Introduced to assist with programs not yet updated to provide their own
      controls on compression, such as Postfix
    - http://pkgs.fedoraproject.org/cgit/openssl.git/plain/openssl-1.0.1e-env-zlib.patch
 -- Seth Arnold <email address hidden>   Mon, 03 Jun 2013 18:13:18 -0700
Superseded in lucid-updates on 2014-06-05
Superseded in lucid-security on 2014-06-05
Deleted in lucid-proposed on 2014-06-06 (Reason: moved to -updates)
openssl (0.9.8k-7ubuntu8.15) lucid-security; urgency=low

  * SECURITY UPDATE: Disable compression to avoid CRIME systemwide
    (LP: #1187195)
    - CVE-2012-4929
    - debian/patches/openssl-1.0.1e-env-zlib.patch: disable default use of
      zlib to compress SSL/TLS unless the environment variable
      OPENSSL_DEFAULT_ZLIB is set in the environment during library
      initialization.
    - Introduced to assist with programs not yet updated to provide their own
      controls on compression, such as Postfix
    - http://pkgs.fedoraproject.org/cgit/openssl.git/plain/openssl-1.0.1e-env-zlib.patch
 -- Seth Arnold <email address hidden>   Mon, 03 Jun 2013 20:37:34 -0700
Superseded in saucy-release on 2013-06-10
Deleted in saucy-proposed on 2013-06-12 (Reason: moved to release)
openssl (1.0.1e-2ubuntu1) saucy; urgency=low

  * Resynchronise with Debian unstable.  Remaining changes:
    - debian/libssl1.0.0.postinst:
      + Display a system restart required notification on libssl1.0.0
        upgrade on servers.
      + Use a different priority for libssl1.0.0/restart-services depending
        on whether a desktop, or server dist-upgrade is being performed.
    - debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
      libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
      in Debian).
    - debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
      rules}: Move runtime libraries to /lib, for the benefit of
      wpasupplicant.
    - debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
      .pc.
    - debian/rules:
      + Don't run 'make test' when cross-building.
      + Use host compiler when cross-building.  Patch from Neil Williams.
      + Don't build for processors no longer supported: i586 (on i386)
      + Fix Makefile to properly clean up libs/ dirs in clean target.
      + Replace duplicate files in the doc directory with symlinks.
    - Unapply patch c_rehash-multi and comment it out in the series as it
      breaks parsing of certificates with CRLF line endings and other cases
      (see Debian #642314 for discussion), it also changes the semantics of
      c_rehash directories by requiring applications to parse hash link
      targets as files containing potentially *multiple* certificates rather
      than exactly one.
    - debian/patches/tls12_workarounds.patch: Workaround large client hello
      issues when TLS 1.1 and lower is in use
    - debian/control: Mark Debian Vcs-* as XS-Debian-Vcs-*
    - debian/patches/ubuntu_deb676533_arm_asm.patch: Enable arm assembly
      code.
    - debian/patches/arm64-support: Add basic arm64 support (no assembler)
    - debian/rules: Enable optimized 64bit elliptic curve code contributed
      by Google.
  * debian/patches/tls12_workarounds.patch: updated to also disable TLS 1.2
    in test suite since we disable it in the client.
  * Dropped changes:
    - debian/patches/CVE-2013-0169.patch: upstream.
    - debian/patches/fix_key_decoding_deadlock.patch: upstream.
    - debian/patches/CVE-2013-0166.patch: upstream.

Superseded in quantal-updates on 2013-07-04
Deleted in quantal-proposed on 2013-07-05 (Reason: moved to -updates)
openssl (1.0.1c-3ubuntu2.4) quantal; urgency=low

  [ Dmitrijs Ledkovs ]
  * Enable arm assembly code. (LP: #1083498) (Closes: #676533)
  * Enable optimized 64bit elliptic curve code contributed by Google. (LP: #1018522)

  [ Marc Deslauriers ]
  * debian/patches/fix_key_decoding_deadlock.patch: Fix possible deadlock
    when decoding public keys. (LP: #1066032)
 -- Dmitrijs Ledkovs <email address hidden>   Thu, 04 Apr 2013 12:15:11 +0100
Superseded in precise-updates on 2013-07-04
Deleted in precise-proposed on 2013-07-05 (Reason: moved to -updates)
openssl (1.0.1-4ubuntu5.9) precise; urgency=low

  [ Dmitrijs Ledkovs ]
  * Enable arm assembly code. (LP: #1083498) (Closes: #676533)
  * Enable optimized 64bit elliptic curve code contributed by Google. (LP: #1018522)

  [ Marc Deslauriers ]
  * debian/patches/fix_key_decoding_deadlock.patch: Fix possible deadlock
    when decoding public keys. (LP: #1066032)
 -- Dmitrijs Ledkovs <email address hidden>   Mon, 15 Apr 2013 13:44:50 +0100
Superseded in precise-updates on 2013-05-06
Superseded in precise-security on 2013-07-04
openssl (1.0.1-4ubuntu5.8) precise-security; urgency=low

  * SECURITY UPDATE: "Lucky Thirteen" timing side-channel TLS attack
    - debian/patches/CVE-2013-0169.patch: re-enabled patch and added extra
      commits from upstream to fix regression.
    - CVE-2013-0169
 -- Marc Deslauriers <email address hidden>   Tue, 19 Mar 2013 14:43:57 -0400
175 of 248 results