Ubuntu

Change log for “openssl” package in Ubuntu

175 of 196 results
Published in trusty-release on 2014-04-07
Deleted in trusty-proposed (Reason: moved to release)
openssl (1.0.1f-1ubuntu2) trusty; urgency=medium

  * SECURITY UPDATE: side-channel attack on Montgomery ladder implementation
    - debian/patches/CVE-2014-0076.patch: add and use constant time swap in
      crypto/bn/bn.h, crypto/bn/bn_lib.c, crypto/ec/ec2_mult.c,
      util/libeay.num.
    - CVE-2014-0076
  * SECURITY UPDATE: memory disclosure in TLS heartbeat extension
    - debian/patches/CVE-2014-0160.patch: use correct lengths in
      ssl/d1_both.c, ssl/t1_lib.c.
    - CVE-2014-0160
 -- Marc Deslauriers <email address hidden>   Mon, 07 Apr 2014 15:37:53 -0400
Published in precise-updates on 2014-04-07
Published in precise-security on 2014-04-07
openssl (1.0.1-4ubuntu5.12) precise-security; urgency=medium

  * SECURITY UPDATE: side-channel attack on Montgomery ladder implementation
    - debian/patches/CVE-2014-0076.patch: add and use constant time swap in
      crypto/bn/bn.h, crypto/bn/bn_lib.c, crypto/ec/ec2_mult.c,
      util/libeay.num.
    - CVE-2014-0076
  * SECURITY UPDATE: memory disclosure in TLS heartbeat extension
    - debian/patches/CVE-2014-0160.patch: use correct lengths in
      ssl/d1_both.c, ssl/t1_lib.c.
    - CVE-2014-0160
 -- Marc Deslauriers <email address hidden>   Mon, 07 Apr 2014 15:45:14 -0400
Published in quantal-updates on 2014-04-07
Published in quantal-security on 2014-04-07
openssl (1.0.1c-3ubuntu2.7) quantal-security; urgency=medium

  * SECURITY UPDATE: side-channel attack on Montgomery ladder implementation
    - debian/patches/CVE-2014-0076.patch: add and use constant time swap in
      crypto/bn/bn.h, crypto/bn/bn_lib.c, crypto/ec/ec2_mult.c,
      util/libeay.num.
    - CVE-2014-0076
  * SECURITY UPDATE: memory disclosure in TLS heartbeat extension
    - debian/patches/CVE-2014-0160.patch: use correct lengths in
      ssl/d1_both.c, ssl/t1_lib.c.
    - CVE-2014-0160
 -- Marc Deslauriers <email address hidden>   Mon, 07 Apr 2014 15:44:36 -0400
Published in saucy-updates on 2014-04-07
Published in saucy-security on 2014-04-07
openssl (1.0.1e-3ubuntu1.2) saucy-security; urgency=medium

  * SECURITY UPDATE: side-channel attack on Montgomery ladder implementation
    - debian/patches/CVE-2014-0076.patch: add and use constant time swap in
      crypto/bn/bn.h, crypto/bn/bn_lib.c, crypto/ec/ec2_mult.c,
      util/libeay.num.
    - CVE-2014-0076
  * SECURITY UPDATE: memory disclosure in TLS heartbeat extension
    - debian/patches/CVE-2014-0160.patch: use correct lengths in
      ssl/d1_both.c, ssl/t1_lib.c.
    - CVE-2014-0160
 -- Marc Deslauriers <email address hidden>   Mon, 07 Apr 2014 15:43:47 -0400
Superseded in trusty-release on 2014-04-07
Deleted in trusty-proposed on 2014-04-09 (Reason: moved to release)
openssl (1.0.1f-1ubuntu1) trusty; urgency=low

  * Merge with Debian, remaining changes.
    - debian/libssl1.0.0.postinst:
      + Display a system restart required notification on libssl1.0.0
        upgrade on servers.
      + Use a different priority for libssl1.0.0/restart-services depending
        on whether a desktop, or server dist-upgrade is being performed.
    - debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
      libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
      in Debian).
    - debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
      rules}: Move runtime libraries to /lib, for the benefit of
      wpasupplicant.
    - debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
      .pc.
    - debian/rules:
      + Don't run 'make test' when cross-building.
      + Use host compiler when cross-building.  Patch from Neil Williams.
      + Don't build for processors no longer supported: i586 (on i386)
      + Fix Makefile to properly clean up libs/ dirs in clean target.
      + Replace duplicate files in the doc directory with symlinks.
    - debian/control: Mark Debian Vcs-* as XS-Debian-Vcs-*
    - debian/patches/ubuntu_deb676533_arm_asm.patch: Enable arm assembly
      code.
    - debian/rules: Enable optimized 64bit elliptic curve code contributed
      by Google.
  * Dropped changes:
    - debian/patches/arm64-support: included in debian-targets.patch
    - debian/patches/no_default_rdrand.patch: upstream
    - debian/patches/openssl-1.0.1e-env-zlib.patch: zlib is now completely
      disabled in debian/rules

Available diffs

Superseded in saucy-updates on 2014-04-07
Superseded in saucy-security on 2014-04-07
openssl (1.0.1e-3ubuntu1.1) saucy-security; urgency=low

  * SECURITY UPDATE: denial of service via invalid TLS handshake
    - debian/patches/CVE-2013-4353.patch: handle no new cipher setup in
      ssl/s3_both.c.
    - CVE-2013-4353
  * SECURITY UPDATE: denial of service via incorrect data structure
    - debian/patches/CVE-2013-6449.patch: check for handshake digests in
      ssl/s3_both.c,ssl/s3_pkt.c,ssl/t1_enc.c, use proper version in
      ssl/s3_lib.c.
    - CVE-2013-6449
  * SECURITY UPDATE: denial of service via DTLS retransmission
    - debian/patches/CVE-2013-6450.patch: fix DTLS retransmission in
      crypto/evp/digest.c,ssl/d1_both.c,ssl/s3_pkt.c,ssl/s3_srvr.c,
      ssl/ssl_locl.h,ssl/t1_enc.c.
    - CVE-2013-6450
  * debian/patches/no_default_rdrand.patch: Don't use rdrand engine as
    default unless explicitly requested.
 -- Marc Deslauriers <email address hidden>   Wed, 08 Jan 2014 14:47:29 -0500
Superseded in quantal-updates on 2014-04-07
Superseded in quantal-security on 2014-04-07
openssl (1.0.1c-3ubuntu2.6) quantal-security; urgency=low

  * SECURITY UPDATE: denial of service via invalid TLS handshake
    - debian/patches/CVE-2013-4353.patch: handle no new cipher setup in
      ssl/s3_both.c.
    - CVE-2013-4353
  * SECURITY UPDATE: denial of service via incorrect data structure
    - debian/patches/CVE-2013-6449.patch: check for handshake digests in
      ssl/s3_both.c,ssl/s3_pkt.c,ssl/t1_enc.c, use proper version in
      ssl/s3_lib.c.
    - CVE-2013-6449
  * SECURITY UPDATE: denial of service via DTLS retransmission
    - debian/patches/CVE-2013-6450.patch: fix DTLS retransmission in
      crypto/evp/digest.c,ssl/d1_both.c,ssl/s3_pkt.c,ssl/s3_srvr.c,
      ssl/ssl_locl.h,ssl/t1_enc.c.
    - CVE-2013-6450
  * debian/patches/no_default_rdrand.patch: Don't use rdrand engine as
    default unless explicitly requested.
 -- Marc Deslauriers <email address hidden>   Wed, 08 Jan 2014 14:58:35 -0500
Published in raring-updates on 2014-01-09
Published in raring-security on 2014-01-09
openssl (1.0.1c-4ubuntu8.2) raring-security; urgency=low

  * SECURITY UPDATE: denial of service via invalid TLS handshake
    - debian/patches/CVE-2013-4353.patch: handle no new cipher setup in
      ssl/s3_both.c.
    - CVE-2013-4353
  * SECURITY UPDATE: denial of service via incorrect data structure
    - debian/patches/CVE-2013-6449.patch: check for handshake digests in
      ssl/s3_both.c,ssl/s3_pkt.c,ssl/t1_enc.c, use proper version in
      ssl/s3_lib.c.
    - CVE-2013-6449
  * SECURITY UPDATE: denial of service via DTLS retransmission
    - debian/patches/CVE-2013-6450.patch: fix DTLS retransmission in
      crypto/evp/digest.c,ssl/d1_both.c,ssl/s3_pkt.c,ssl/s3_srvr.c,
      ssl/ssl_locl.h,ssl/t1_enc.c.
    - CVE-2013-6450
  * debian/patches/no_default_rdrand.patch: Don't use rdrand engine as
    default unless explicitly requested.
 -- Marc Deslauriers <email address hidden>   Wed, 08 Jan 2014 14:55:58 -0500
Superseded in precise-updates on 2014-04-07
Superseded in precise-security on 2014-04-07
openssl (1.0.1-4ubuntu5.11) precise-security; urgency=low

  * SECURITY UPDATE: denial of service via invalid TLS handshake
    - debian/patches/CVE-2013-4353.patch: handle no new cipher setup in
      ssl/s3_both.c.
    - CVE-2013-4353
  * SECURITY UPDATE: denial of service via incorrect data structure
    - debian/patches/CVE-2013-6449.patch: check for handshake digests in
      ssl/s3_both.c,ssl/s3_pkt.c,ssl/t1_enc.c, use proper version in
      ssl/s3_lib.c.
    - CVE-2013-6449
  * SECURITY UPDATE: denial of service via DTLS retransmission
    - debian/patches/CVE-2013-6450.patch: fix DTLS retransmission in
      crypto/evp/digest.c,ssl/d1_both.c,ssl/s3_pkt.c,ssl/s3_srvr.c,
      ssl/ssl_locl.h,ssl/t1_enc.c.
    - CVE-2013-6450
  * debian/patches/no_default_rdrand.patch: Don't use rdrand engine as
    default unless explicitly requested.
 -- Marc Deslauriers <email address hidden>   Wed, 08 Jan 2014 14:59:50 -0500
Superseded in trusty-release on 2014-01-10
Deleted in trusty-proposed on 2014-01-11 (Reason: moved to release)
openssl (1.0.1e-4ubuntu4) trusty; urgency=low

  * debian/patches/no_default_rdrand.patch: Don't use rdrand engine as
    default unless explicitly requested.
 -- Marc Deslauriers <email address hidden>   Thu, 19 Dec 2013 15:39:22 -0500

Available diffs

Superseded in trusty-release on 2013-12-20
Deleted in trusty-proposed on 2013-12-21 (Reason: moved to release)
openssl (1.0.1e-4ubuntu3) trusty; urgency=medium

  * Update debian configuration.
 -- Matthias Klose <email address hidden>   Thu, 05 Dec 2013 14:34:48 +0100
Superseded in trusty-release on 2013-12-05
Deleted in trusty-proposed on 2013-12-06 (Reason: moved to release)
openssl (1.0.1e-4ubuntu2) trusty; urgency=low

  * Re-enable full TLSv1.2 support (LP: #1257877)
    - debian/patches/tls12_workarounds.patch: disable patch to re-enable
      full TLSv1.2 support. Most problematic sites have been fixed now, and
      we really want proper TLSv1.2 support in an LTS.
 -- Marc Deslauriers <email address hidden>   Wed, 04 Dec 2013 12:33:44 -0500

Available diffs

Superseded in trusty-release on 2013-12-05
Deleted in trusty-proposed on 2013-12-06 (Reason: moved to release)
openssl (1.0.1e-4ubuntu1) trusty; urgency=low

  * Merge with Debian; remaining changes same as in 1.0.1e-3ubuntu1.

Superseded in trusty-release on 2013-12-04
Published in saucy-release on 2013-07-27
Deleted in saucy-proposed (Reason: moved to release)
openssl (1.0.1e-3ubuntu1) saucy; urgency=low

  * Merge with Debian, remaining changes.
    - debian/libssl1.0.0.postinst:
      + Display a system restart required notification on libssl1.0.0
        upgrade on servers.
      + Use a different priority for libssl1.0.0/restart-services depending
        on whether a desktop, or server dist-upgrade is being performed.
    - debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
      libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
      in Debian).
    - debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
      rules}: Move runtime libraries to /lib, for the benefit of
      wpasupplicant.
    - debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
      .pc.
    - debian/rules:
      + Don't run 'make test' when cross-building.
      + Use host compiler when cross-building.  Patch from Neil Williams.
      + Don't build for processors no longer supported: i586 (on i386)
      + Fix Makefile to properly clean up libs/ dirs in clean target.
      + Replace duplicate files in the doc directory with symlinks.
    - Unapply patch c_rehash-multi and comment it out in the series as it
      breaks parsing of certificates with CRLF line endings and other cases
      (see Debian #642314 for discussion), it also changes the semantics of
      c_rehash directories by requiring applications to parse hash link
      targets as files containing potentially *multiple* certificates rather
      than exactly one.
    - debian/patches/tls12_workarounds.patch: Workaround large client hello
      issues when TLS 1.1 and lower is in use
    - debian/control: Mark Debian Vcs-* as XS-Debian-Vcs-*
    - debian/patches/ubuntu_deb676533_arm_asm.patch: Enable arm assembly
      code.
    - debian/patches/arm64-support: Add basic arm64 support (no assembler)
    - debian/rules: Enable optimized 64bit elliptic curve code contributed
      by Google.
  * debian/patches/tls12_workarounds.patch: updated to also disable TLS 1.2
    in test suite since we disable it in the client.
  * Disable compression to avoid CRIME systemwide (CVE-2012-4929).
  * Dropped changes:
    - debian/patches/ubuntu_deb676533_arm_asm.patch, applied in Debian.

Superseded in saucy-release on 2013-07-27
Deleted in saucy-proposed on 2013-07-28 (Reason: moved to release)
openssl (1.0.1e-2ubuntu1.1) saucy-security; urgency=low

  * SECURITY UPDATE: Disable compression to avoid CRIME systemwide
    (LP: #1187195)
    - CVE-2012-4929
    - debian/patches/openssl-1.0.1e-env-zlib.patch: disable default use of
      zlib to compress SSL/TLS unless the environment variable
      OPENSSL_DEFAULT_ZLIB is set in the environment during library
      initialization.
    - Introduced to assist with programs not yet updated to provide their own
      controls on compression, such as Postfix
    - http://pkgs.fedoraproject.org/cgit/openssl.git/plain/openssl-1.0.1e-env-zlib.patch
 -- Seth Arnold <email address hidden>   Mon, 03 Jun 2013 18:14:05 -0700
Superseded in raring-updates on 2014-01-09
Superseded in raring-security on 2014-01-09
Deleted in raring-proposed on 2014-01-11 (Reason: moved to -updates)
openssl (1.0.1c-4ubuntu8.1) raring-security; urgency=low

  * SECURITY UPDATE: Disable compression to avoid CRIME systemwide
    (LP: #1187195)
    - CVE-2012-4929
    - debian/patches/openssl-1.0.1e-env-zlib.patch: disable default use of
      zlib to compress SSL/TLS unless the environment variable
      OPENSSL_DEFAULT_ZLIB is set in the environment during library
      initialization.
    - Introduced to assist with programs not yet updated to provide their own
      controls on compression, such as Postfix
    - http://pkgs.fedoraproject.org/cgit/openssl.git/plain/openssl-1.0.1e-env-zlib.patch
 -- Seth Arnold <email address hidden>   Mon, 03 Jun 2013 18:13:47 -0700
Superseded in quantal-updates on 2014-01-09
Superseded in quantal-security on 2014-01-09
Deleted in quantal-proposed on 2014-01-11 (Reason: moved to -updates)
openssl (1.0.1c-3ubuntu2.5) quantal-security; urgency=low

  * SECURITY UPDATE: Disable compression to avoid CRIME systemwide
    (LP: #1187195)
    - CVE-2012-4929
    - debian/patches/openssl-1.0.1e-env-zlib.patch: disable default use of
      zlib to compress SSL/TLS unless the environment variable
      OPENSSL_DEFAULT_ZLIB is set in the environment during library
      initialization.
    - Introduced to assist with programs not yet updated to provide their own
      controls on compression, such as Postfix
    - http://pkgs.fedoraproject.org/cgit/openssl.git/plain/openssl-1.0.1e-env-zlib.patch
 -- Seth Arnold <email address hidden>   Mon, 03 Jun 2013 18:13:33 -0700
Superseded in precise-updates on 2014-01-09
Superseded in precise-security on 2014-01-09
Deleted in precise-proposed on 2014-01-11 (Reason: moved to -updates)
openssl (1.0.1-4ubuntu5.10) precise-security; urgency=low

  * SECURITY UPDATE: Disable compression to avoid CRIME systemwide
    (LP: #1187195)
    - CVE-2012-4929
    - debian/patches/openssl-1.0.1e-env-zlib.patch: disable default use of
      zlib to compress SSL/TLS unless the environment variable
      OPENSSL_DEFAULT_ZLIB is set in the environment during library
      initialization.
    - Introduced to assist with programs not yet updated to provide their own
      controls on compression, such as Postfix
    - http://pkgs.fedoraproject.org/cgit/openssl.git/plain/openssl-1.0.1e-env-zlib.patch
 -- Seth Arnold <email address hidden>   Mon, 03 Jun 2013 18:13:18 -0700
Published in lucid-updates on 2013-07-04
Published in lucid-security on 2013-07-04
Deleted in lucid-proposed (Reason: moved to -updates)
openssl (0.9.8k-7ubuntu8.15) lucid-security; urgency=low

  * SECURITY UPDATE: Disable compression to avoid CRIME systemwide
    (LP: #1187195)
    - CVE-2012-4929
    - debian/patches/openssl-1.0.1e-env-zlib.patch: disable default use of
      zlib to compress SSL/TLS unless the environment variable
      OPENSSL_DEFAULT_ZLIB is set in the environment during library
      initialization.
    - Introduced to assist with programs not yet updated to provide their own
      controls on compression, such as Postfix
    - http://pkgs.fedoraproject.org/cgit/openssl.git/plain/openssl-1.0.1e-env-zlib.patch
 -- Seth Arnold <email address hidden>   Mon, 03 Jun 2013 20:37:34 -0700
Superseded in saucy-release on 2013-06-10
Deleted in saucy-proposed on 2013-06-12 (Reason: moved to release)
openssl (1.0.1e-2ubuntu1) saucy; urgency=low

  * Resynchronise with Debian unstable.  Remaining changes:
    - debian/libssl1.0.0.postinst:
      + Display a system restart required notification on libssl1.0.0
        upgrade on servers.
      + Use a different priority for libssl1.0.0/restart-services depending
        on whether a desktop, or server dist-upgrade is being performed.
    - debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
      libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
      in Debian).
    - debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
      rules}: Move runtime libraries to /lib, for the benefit of
      wpasupplicant.
    - debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
      .pc.
    - debian/rules:
      + Don't run 'make test' when cross-building.
      + Use host compiler when cross-building.  Patch from Neil Williams.
      + Don't build for processors no longer supported: i586 (on i386)
      + Fix Makefile to properly clean up libs/ dirs in clean target.
      + Replace duplicate files in the doc directory with symlinks.
    - Unapply patch c_rehash-multi and comment it out in the series as it
      breaks parsing of certificates with CRLF line endings and other cases
      (see Debian #642314 for discussion), it also changes the semantics of
      c_rehash directories by requiring applications to parse hash link
      targets as files containing potentially *multiple* certificates rather
      than exactly one.
    - debian/patches/tls12_workarounds.patch: Workaround large client hello
      issues when TLS 1.1 and lower is in use
    - debian/control: Mark Debian Vcs-* as XS-Debian-Vcs-*
    - debian/patches/ubuntu_deb676533_arm_asm.patch: Enable arm assembly
      code.
    - debian/patches/arm64-support: Add basic arm64 support (no assembler)
    - debian/rules: Enable optimized 64bit elliptic curve code contributed
      by Google.
  * debian/patches/tls12_workarounds.patch: updated to also disable TLS 1.2
    in test suite since we disable it in the client.
  * Dropped changes:
    - debian/patches/CVE-2013-0169.patch: upstream.
    - debian/patches/fix_key_decoding_deadlock.patch: upstream.
    - debian/patches/CVE-2013-0166.patch: upstream.

Superseded in quantal-updates on 2013-07-04
Deleted in quantal-proposed on 2013-07-05 (Reason: moved to -updates)
openssl (1.0.1c-3ubuntu2.4) quantal; urgency=low

  [ Dmitrijs Ledkovs ]
  * Enable arm assembly code. (LP: #1083498) (Closes: #676533)
  * Enable optimized 64bit elliptic curve code contributed by Google. (LP: #1018522)

  [ Marc Deslauriers ]
  * debian/patches/fix_key_decoding_deadlock.patch: Fix possible deadlock
    when decoding public keys. (LP: #1066032)
 -- Dmitrijs Ledkovs <email address hidden>   Thu, 04 Apr 2013 12:15:11 +0100
Superseded in precise-updates on 2013-07-04
Deleted in precise-proposed on 2013-07-05 (Reason: moved to -updates)
openssl (1.0.1-4ubuntu5.9) precise; urgency=low

  [ Dmitrijs Ledkovs ]
  * Enable arm assembly code. (LP: #1083498) (Closes: #676533)
  * Enable optimized 64bit elliptic curve code contributed by Google. (LP: #1018522)

  [ Marc Deslauriers ]
  * debian/patches/fix_key_decoding_deadlock.patch: Fix possible deadlock
    when decoding public keys. (LP: #1066032)
 -- Dmitrijs Ledkovs <email address hidden>   Mon, 15 Apr 2013 13:44:50 +0100
Superseded in precise-updates on 2013-05-06
Superseded in precise-security on 2013-07-04
openssl (1.0.1-4ubuntu5.8) precise-security; urgency=low

  * SECURITY UPDATE: "Lucky Thirteen" timing side-channel TLS attack
    - debian/patches/CVE-2013-0169.patch: re-enabled patch and added extra
      commits from upstream to fix regression.
    - CVE-2013-0169
 -- Marc Deslauriers <email address hidden>   Tue, 19 Mar 2013 14:43:57 -0400
Superseded in quantal-updates on 2013-05-06
Superseded in quantal-security on 2013-07-04
openssl (1.0.1c-3ubuntu2.3) quantal-security; urgency=low

  * SECURITY UPDATE: "Lucky Thirteen" timing side-channel TLS attack
    - debian/patches/CVE-2013-0169.patch: re-enabled patch and added extra
      commit from upstream to fix regression.
    - CVE-2013-0169
 -- Marc Deslauriers <email address hidden>   Tue, 19 Mar 2013 14:35:24 -0400
Superseded in saucy-release on 2013-05-22
Published in raring-release on 2013-03-19
Deleted in raring-proposed (Reason: moved to release)
openssl (1.0.1c-4ubuntu8) raring; urgency=low

  * SECURITY UPDATE: "Lucky Thirteen" timing side-channel TLS attack
    - debian/patches/CVE-2013-0169.patch: re-enabled patch and added extra
      commit from upstream to fix regression.
    - CVE-2013-0169
 -- Marc Deslauriers <email address hidden>   Tue, 19 Mar 2013 14:33:14 -0400
Superseded in raring-release on 2013-03-19
Deleted in raring-proposed on 2013-03-21 (Reason: moved to release)
openssl (1.0.1c-4ubuntu7) raring; urgency=low

  * Enable optimized 64bit elliptic curve code contributed by Google. (LP: #1018522)
 -- Dmitrijs Ledkovs <email address hidden>   Thu, 07 Mar 2013 15:36:16 +0000
Superseded in raring-release on 2013-03-07
Deleted in raring-proposed on 2013-03-09 (Reason: moved to release)
openssl (1.0.1c-4ubuntu6) raring; urgency=low

  * debian/patches/fix_key_decoding_deadlock.patch: Fix possible deadlock
    when decoding public keys. (LP: #1066032)
 -- Marc Deslauriers <email address hidden>   Wed, 06 Mar 2013 08:11:19 -0500
Superseded in raring-release on 2013-03-07
Deleted in raring-proposed on 2013-03-08 (Reason: moved to release)
openssl (1.0.1c-4ubuntu5) raring; urgency=low

  * REGRESSION FIX: decryption errors on AES-NI hardware (LP: #1134873,
    LP: #1133333)
    - debian/patches/CVE-2013-0169.patch: disabled for now until fix is
      available from upstream.
 -- Marc Deslauriers <email address hidden>   Thu, 28 Feb 2013 11:01:29 -0500

Available diffs

Superseded in quantal-updates on 2013-03-25
Superseded in quantal-security on 2013-03-25
openssl (1.0.1c-3ubuntu2.2) quantal-security; urgency=low

  * REGRESSION FIX: decryption errors on AES-NI hardware (LP: #1134873,
    LP: #1133333)
    - debian/patches/CVE-2013-0169.patch: disabled for now until fix is
      available from upstream.
 -- Marc Deslauriers <email address hidden>   Thu, 28 Feb 2013 10:56:42 -0500
Superseded in precise-updates on 2013-03-25
Superseded in precise-security on 2013-03-25
openssl (1.0.1-4ubuntu5.7) precise-security; urgency=low

  * REGRESSION FIX: decryption errors on AES-NI hardware (LP: #1134873,
    LP: #1133333)
    - debian/patches/CVE-2013-0169.patch: disabled for now until fix is
      available from upstream.
 -- Marc Deslauriers <email address hidden>   Thu, 28 Feb 2013 11:00:13 -0500
Superseded in raring-release on 2013-02-28
Deleted in raring-proposed on 2013-03-01 (Reason: moved to release)
openssl (1.0.1c-4ubuntu4) raring; urgency=low

  * SECURITY UPDATE: denial of service via invalid OCSP key
    - debian/patches/CVE-2013-0166.patch: properly handle NULL key in
      crypto/asn1/a_verify.c, crypto/ocsp/ocsp_vfy.c.
    - CVE-2013-0166
  * SECURITY UPDATE: "Lucky Thirteen" timing side-channel TLS attack
    - debian/patches/CVE-2013-0169.patch: massive code changes
    - CVE-2013-0169
  * SECURITY UPDATE: denial of service via AES-NI and crafted CBC data
    - Fix included in CVE-2013-0169 patch
    - CVE-2012-2686
 -- Marc Deslauriers <email address hidden>   Tue, 19 Feb 2013 13:25:24 -0500
Superseded in lucid-updates on 2013-07-04
Superseded in lucid-security on 2013-07-04
openssl (0.9.8k-7ubuntu8.14) lucid-security; urgency=low

  * SECURITY UPDATE: denial of service via invalid OCSP key
    - debian/patches/CVE-2013-0166.patch: properly handle NULL key in
      crypto/asn1/a_verify.c, crypto/ocsp/ocsp_vfy.c.
    - CVE-2013-0166
  * SECURITY UPDATE: "Lucky Thirteen" timing side-channel TLS attack
    - debian/patches/CVE-2013-0169.patch: massive code changes
    - CVE-2013-0169
 -- Marc Deslauriers <email address hidden>   Mon, 18 Feb 2013 15:23:14 -0500
Superseded in precise-updates on 2013-02-28
Superseded in precise-security on 2013-02-28
openssl (1.0.1-4ubuntu5.6) precise-security; urgency=low

  * SECURITY UPDATE: denial of service via invalid OCSP key
    - debian/patches/CVE-2013-0166.patch: properly handle NULL key in
      crypto/asn1/a_verify.c, crypto/ocsp/ocsp_vfy.c.
    - CVE-2013-0166
  * SECURITY UPDATE: "Lucky Thirteen" timing side-channel TLS attack
    - debian/patches/CVE-2013-0169.patch: massive code changes
    - CVE-2013-0169
  * SECURITY UPDATE: denial of service via AES-NI and crafted CBC data
    - Fix included in CVE-2013-0169 patch
    - CVE-2012-2686
 -- Marc Deslauriers <email address hidden>   Mon, 18 Feb 2013 14:04:17 -0500
Published in oneiric-updates on 2013-02-21
Published in oneiric-security on 2013-02-21
openssl (1.0.0e-2ubuntu4.7) oneiric-security; urgency=low

  * SECURITY UPDATE: denial of service via invalid OCSP key
    - debian/patches/CVE-2013-0166.patch: properly handle NULL key in
      crypto/asn1/a_verify.c, crypto/ocsp/ocsp_vfy.c.
    - CVE-2013-0166
  * SECURITY UPDATE: "Lucky Thirteen" timing side-channel TLS attack
    - debian/patches/CVE-2013-0169.patch: massive code changes
    - CVE-2013-0169
 -- Marc Deslauriers <email address hidden>   Mon, 18 Feb 2013 14:55:40 -0500
Superseded in quantal-updates on 2013-02-28
Superseded in quantal-security on 2013-02-28
openssl (1.0.1c-3ubuntu2.1) quantal-security; urgency=low

  * SECURITY UPDATE: denial of service via invalid OCSP key
    - debian/patches/CVE-2013-0166.patch: properly handle NULL key in
      crypto/asn1/a_verify.c, crypto/ocsp/ocsp_vfy.c.
    - CVE-2013-0166
  * SECURITY UPDATE: "Lucky Thirteen" timing side-channel TLS attack
    - debian/patches/CVE-2013-0169.patch: massive code changes
    - CVE-2013-0169
  * SECURITY UPDATE: denial of service via AES-NI and crafted CBC data
    - Fix included in CVE-2013-0169 patch
    - CVE-2012-2686
 -- Marc Deslauriers <email address hidden>   Mon, 18 Feb 2013 13:13:42 -0500
Published in hardy-updates on 2013-02-21
Published in hardy-security on 2013-02-21
openssl (0.9.8g-4ubuntu3.20) hardy-security; urgency=low

  * SECURITY UPDATE: denial of service via invalid OCSP key
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=66e8211c0b1347970096e04b18aa52567c325200
    - CVE-2013-0166
  * SECURITY UPDATE: "Lucky Thirteen" timing side-channel TLS attack
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=270881316664396326c461ec7a124aec2c6cc081
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=35a65e814beb899fa1c69a7673a8956c6059dce7
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=a33e6702a0db1b9f4648d247b8b28a5c0e42ca13
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=2928cb4c82d6516d9e65ede4901a5957d8c39c32
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=b3a959a337b8083bc855623f24cebaf43a477350
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=be88529753897c29c677d1becb321f0072c0659c
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=99f5093347c65eecbd05f0668aea94b32fcf20d7
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=24b28060975c01b749391778d13ec2ea1323a1aa
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=924b11742296c13816a9f301e76fea023003920c
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=c23a7458209e773ffcd42bdcfa5cf2564df86bd7
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1909df070fb5c5b87246a2de19c17588deba5818
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=33ccde59a1ece0f68cc4b64e930001ab230725b1
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=5f9345a2f0b592457fc4a619ac98ea59ffd394ba
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=40e0de03955e218f45a7979cb46fba193f4e7fc2
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1213e6c3c2d7abeeb886d911a3c6c06c5da2e3a4
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=ca3b81c8580a609edac1f13a3f62d4348d66c3a8
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6351adecb4726476def5f5ad904a7d2e63480d53
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=fb092ef4fca897344daf7189526f5f26be6487ce
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=59b1129e0a50fdf7e4e58d7c355783a7bfc1f44c
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=4ea7019165db53b92b4284461c5c88bfe7c6e57d
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=76c61a5d1adb92388f39e585e4af860a20feb9bb
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=ff58eaa4b645a38f3a226cf566d969fffa64ef94
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=5864fd2061f43dc8f89b5755f19bd2a35dec636c
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=fbe621d08f2026926c91c1c5f386b27605e39a43
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=a8655eb21a7f9a313db18daa6ccaed928fb6027c
    - CVE-2013-0169
 -- Marc Deslauriers <email address hidden>   Mon, 18 Feb 2013 15:49:05 -0500
Superseded in raring-release on 2013-02-20
Deleted in raring-proposed on 2013-02-27 (Reason: moved to release)
openssl (1.0.1c-4ubuntu3) raring; urgency=low

  * Add basic arm64 support (no assembler) (LP: #1102107)
 -- Wookey <email address hidden>   Sun, 20 Jan 2013 17:30:15 +0000

Available diffs

Superseded in raring-release on 2013-02-12
Deleted in raring-proposed on 2013-02-13 (Reason: moved to release)
openssl (1.0.1c-4ubuntu2) raring; urgency=low

  * Enable arm assembly code. (LP: #1083498) (Closes: #676533)
 -- Dmitrijs Ledkovs <email address hidden>   Wed, 28 Nov 2012 00:08:45 +0000

Available diffs

Superseded in raring-release on 2012-11-28
Deleted in raring-proposed on 2012-11-29 (Reason: moved to release)
openssl (1.0.1c-4ubuntu1) raring; urgency=low

  * Resynchronise with Debian (LP: #1077228).  Remaining changes:
    - debian/libssl1.0.0.postinst:
      + Display a system restart required notification on libssl1.0.0
        upgrade on servers.
      + Use a different priority for libssl1.0.0/restart-services depending
        on whether a desktop, or server dist-upgrade is being performed.
    - debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
      libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
      in Debian).
    - debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
      rules}: Move runtime libraries to /lib, for the benefit of
      wpasupplicant.
    - debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
      .pc.
    - debian/rules:
      + Don't run 'make test' when cross-building.
      + Use host compiler when cross-building.  Patch from Neil Williams.
      + Don't build for processors no longer supported: i586 (on i386)
      + Fix Makefile to properly clean up libs/ dirs in clean target.
      + Replace duplicate files in the doc directory with symlinks.
    - Unapply patch c_rehash-multi and comment it out in the series as it
      breaks parsing of certificates with CRLF line endings and other cases
      (see Debian #642314 for discussion), it also changes the semantics of
      c_rehash directories by requiring applications to parse hash link
      targets as files containing potentially *multiple* certificates rather
      than exactly one.
    - Bump version passed to dh_makeshlibs to 1.0.1 for new symbols.
    - debian/patches/tls12_workarounds.patch: Workaround large client hello
      issues when TLS 1.1 and lower is in use
    - debian/control: Mark Debian Vcs-* as XS-Debian-Vcs-*
  * Dropped changes:
    - Drop openssl-doc in favour of the libssl-doc package introduced by
      Debian.  Add Conflicts/Replaces until the next LTS release.
      + Drop the Conflicts/Replaces because 12.04 LTS was 'the next LTS
        release'

Superseded in raring-release on 2012-11-12
Published in quantal-release on 2012-10-07
openssl (1.0.1c-3ubuntu2) quantal; urgency=low

  [ Tyler Hicks <email address hidden> ]
  * debian/patches/tls12_workarounds.patch: Readd the change to check
    TLS1_get_client_version rather than TLS1_get_version to fix incorrect
    client hello cipher list truncation when TLS 1.1 and lower is in use.
    (LP: #1051892)

  [ Micah Gersten <email address hidden> ]
  * Mark Debian Vcs-* as XS-Debian-Vcs-*
    - update debian/control
 -- Tyler Hicks <email address hidden>   Thu, 04 Oct 2012 10:34:57 -0700
Superseded in precise-updates on 2013-02-21
Deleted in precise-proposed on 2013-02-27 (Reason: moved to -updates)
openssl (1.0.1-4ubuntu5.5) precise-proposed; urgency=low

  * debian/patches/lp973741.patch: Apply complete and more recent changeset,
    which fixes original issue on Intel CPUs and fixes FTBFS on non-x86
    architectures. (LP: #973741)

Deleted in precise-proposed on 2012-08-03 (Reason: Failed to build on non-x86 arches)
openssl (1.0.1-4ubuntu5.4) precise-proposed; urgency=low

  * debian/patches/lp973741.patch: Avoid segfault on legacy Intel CPUs
    by using correct cypher. (LP: #973741)
 -- Adam Gandelman <email address hidden>   Thu, 26 Jul 2012 00:14:32 -0700
Superseded in precise-updates on 2012-08-29
Superseded in precise-security on 2013-02-21
Deleted in precise-proposed on 2013-02-27 (Reason: moved to -updates)
openssl (1.0.1-4ubuntu5.3) precise-security; urgency=low

  * SECURITY UPDATE: SSL_OP_ALL incorrectly disables TLS 1.1 (LP: #1018998)
    - debian/patches/lp1018998.patch: change SSL_OP_NO_TLSv1_1 from
      0x00000400L to 0x10000000L as in 1.0.1b to prevent applications
      compiled with SSL_OP_ALL from incorrectly disabling TLS 1.1.
  * debian/patches/lp1020621.patch: Make renegotiation work for TLS 1.2, 1.1
    by not using a lower record version client hello workaround if
    renegotiating. (LP: #1020621)
 -- Marc Deslauriers <email address hidden>   Tue, 03 Jul 2012 11:36:01 -0400
Superseded in quantal-release on 2012-10-07
openssl (1.0.1c-3ubuntu1) quantal; urgency=low

  * Resynchronise with Debian. Remaining changes:
    - debian/libssl1.0.0.postinst:
      + Display a system restart required notification on libssl1.0.0
        upgrade on servers.
      + Use a different priority for libssl1.0.0/restart-services depending
        on whether a desktop, or server dist-upgrade is being performed.
    - debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
      libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
      in Debian).
    - debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
      rules}: Move runtime libraries to /lib, for the benefit of
      wpasupplicant.
    - debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
      .pc.
    - debian/rules:
      + Don't run 'make test' when cross-building.
      + Use host compiler when cross-building.  Patch from Neil Williams.
      + Don't build for processors no longer supported: i586 (on i386)
      + Fix Makefile to properly clean up libs/ dirs in clean target.
      + Replace duplicate files in the doc directory with symlinks.
    - Unapply patch c_rehash-multi and comment it out in the series as it
      breaks parsing of certificates with CRLF line endings and other cases
      (see Debian #642314 for discussion), it also changes the semantics of
      c_rehash directories by requiring applications to parse hash link
      targets as files containing potentially *multiple* certificates rather
      than exactly one.
    - Bump version passed to dh_makeshlibs to 1.0.1 for new symbols.
    - debian/patches/tls12_workarounds.patch: workaround large client hello
      issue: Compile with -DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50 and
      with -DOPENSSL_NO_TLS1_2_CLIENT.
  * Dropped upstreamed patches:
    - debian/patches/CVE-2012-2110.patch
    - debian/patches/CVE-2012-2110b.patch
    - debian/patches/CVE-2012-2333.patch
    - debian/patches/CVE-2012-0884-extra.patch
    - most of debian/patches/tls12_workarounds.patch

Available diffs

Superseded in quantal-release on 2012-07-03
openssl (1.0.1-4ubuntu6) quantal; urgency=low

  * SECURITY UPDATE: denial of service attack in DTLS, TLS v1.1 and
    TLS v1.2 implementation
    - debian/patches/CVE_2012-2333.patch: guard for integer overflow
      before skipping explicit IV
    - CVE-2012-2333
  * debian/patches/CVE-2012-0884-extra.patch: initialize tkeylen
    properly when encrypting CMS messages.
 -- Steve Beattie <email address hidden>   Thu, 24 May 2012 16:05:04 -0700

Available diffs

Superseded in lucid-updates on 2013-02-21
Superseded in lucid-security on 2013-02-21
openssl (0.9.8k-7ubuntu8.13) lucid-security; urgency=low

  * SECURITY UPDATE: denial of service attack in DTLS implementation
    - debian/patches/CVE_2012-2333.patch: guard for integer overflow
      before skipping explicit IV
    - CVE-2012-2333
  * SECURITY UPDATE: million message attack (MMA) in CMS and PKCS #7
    - debian/patches/CVE-2012-0884.patch: use a random key if RSA
      decryption fails to avoid leaking timing information
    - CVE-2012-0884
  * debian/patches/CVE-2012-0884-extra.patch: detect symmetric crypto
    errors in PKCS7_decrypt and initialize tkeylen properly when
    encrypting CMS messages.
 -- Steve Beattie <email address hidden>   Tue, 22 May 2012 16:11:28 -0700
Superseded in precise-updates on 2012-07-25
Superseded in precise-security on 2012-07-25
openssl (1.0.1-4ubuntu5.2) precise-security; urgency=low

  * SECURITY UPDATE: denial of service attack in DTLS, TLS v1.1 and
    TLS v1.2 implementation
    - debian/patches/CVE_2012-2333.patch: guard for integer overflow
      before skipping explicit IV
    - CVE-2012-2333
  * debian/patches/CVE-2012-0884-extra.patch: initialize tkeylen
    properly when encrypting CMS messages.
 -- Steve Beattie <email address hidden>   Tue, 22 May 2012 16:05:12 -0700
Obsolete in natty-updates on 2013-06-04
Obsolete in natty-security on 2013-06-04
openssl (0.9.8o-5ubuntu1.7) natty-security; urgency=low

  * SECURITY UPDATE: denial of service attack in DTLS implementation
    - debian/patches/CVE_2012-2333.patch: guard for integer overflow
      before skipping explicit IV
    - CVE-2012-2333
  * SECURITY UPDATE: million message attack (MMA) in CMS and PKCS #7
    - debian/patches/CVE-2012-0884.patch: use a random key if RSA
      decryption fails to avoid leaking timing information
    - CVE-2012-0884
  * debian/patches/CVE-2012-0884-extra.patch: detect symmetric crypto
    errors in PKCS7_decrypt and initialize tkeylen properly when
    encrypting CMS messages.
 -- Steve Beattie <email address hidden>   Tue, 22 May 2012 15:25:06 -0700
Superseded in oneiric-updates on 2013-02-21
Superseded in oneiric-security on 2013-02-21
openssl (1.0.0e-2ubuntu4.6) oneiric-security; urgency=low

  * SECURITY UPDATE: denial of service attack in DTLS implementation
    - debian/patches/CVE_2012-2333.patch: guard for integer overflow
      before skipping explicit IV
    - CVE-2012-2333
  * SECURITY UPDATE: million message attack (MMA) in CMS and PKCS #7
    - debian/patches/CVE-2012-0884.patch: use a random key if RSA
      decryption fails to avoid leaking timing information
    - CVE-2012-0884
  * debian/patches/CVE-2012-0884-extra.patch: detect symmetric crypto
    errors in PKCS7_decrypt and initialize tkeylen properly when
    encrypting CMS messages.
 -- Steve Beattie <email address hidden>   Tue, 22 May 2012 15:24:09 -0700
Superseded in hardy-updates on 2013-02-21
Superseded in hardy-security on 2013-02-21
openssl (0.9.8g-4ubuntu3.19) hardy-security; urgency=low

  * SECURITY UPDATE: denial of service attack in DTLS implementation
    - ssl/d1_enc.c: guard for integer overflow before skipping
      explicit IV
    - http://cvs.openssl.org/chngview?cn=22558
    - CVE-2012-2333
  * SECURITY UPDATE: million message attack (MMA) in CMS
    - crypto/pkcs7/pk7_doit.c: use a random key if RSA decryption
      fails to avoid leaking timing information
    - http://cvs.openssl.org/chngview?cn=22238
    - CVE-2012-0884
  * crypto/pkcs7/pk7_smime.c: detect symmetric crypto errors in
    PKCS7_decrypt
    - http://cvs.openssl.org/chngview?cn=22161
 -- Steve Beattie <email address hidden>   Tue, 22 May 2012 12:46:37 -0700
Superseded in natty-updates on 2012-05-24
Superseded in natty-security on 2012-05-24
openssl (0.9.8o-5ubuntu1.5) natty-security; urgency=low

  * SECURITY UPDATE: incomplete fix for CVE-2012-2110
    - debian/patches/CVE-2012-2131.patch: also verify 'len' in BUF_MEM_grow
      and BUF_MEM_grow_clean is non-negative
    - CVE-2012-2131
  * debian/patches/CVE-2012-2110b.patch: Use correct error code in
    BUF_MEM_grow_clean()
 -- Jamie Strandboge <email address hidden>   Tue, 24 Apr 2012 08:14:16 -0500
Superseded in lucid-updates on 2012-05-24
Superseded in lucid-security on 2012-05-24
openssl (0.9.8k-7ubuntu8.11) lucid-security; urgency=low

  * SECURITY UPDATE: incomplete fix for CVE-2012-2110
    - debian/patches/CVE-2012-2131.patch: also verify 'len' in BUF_MEM_grow
      and BUF_MEM_grow_clean is non-negative
    - CVE-2012-2131
  * debian/patches/CVE-2012-2110b.patch: Use correct error code in
    BUF_MEM_grow_clean()
 -- Jamie Strandboge <email address hidden>   Tue, 24 Apr 2012 08:32:06 -0500
Superseded in hardy-updates on 2012-05-24
Superseded in hardy-security on 2012-05-24
openssl (0.9.8g-4ubuntu3.18) hardy-security; urgency=low

  * SECURITY UPDATE: incomplete fix for CVE-2012-2110
    - crypto/buffer/buffer.c: also verify 'len' in BUF_MEM_grow and
      BUF_MEM_grow_clean is non-negative
    - http://cvs.openssl.org/chngview?cn=22479
    - CVE-2012-2131
  * crypto/buffer/buffer.c: Use correct error code in BUF_MEM_grow_clean()
    - http://cvs.openssl.org/chngview?cn=22476
 -- Jamie Strandboge <email address hidden>   Tue, 24 Apr 2012 08:33:44 -0500
Superseded in oneiric-updates on 2012-05-24
Superseded in oneiric-security on 2012-05-24
openssl (1.0.0e-2ubuntu4.5) oneiric-security; urgency=low

  * debian/patches/CVE-2012-2110b.patch: Use correct error code in
    BUF_MEM_grow_clean()
 -- Jamie Strandboge <email address hidden>   Tue, 24 Apr 2012 08:36:27 -0500
Superseded in precise-updates on 2012-05-24
Superseded in quantal-release on 2012-06-01
Deleted in precise-proposed on 2012-06-02 (Reason: moved to -updates)
openssl (1.0.1-4ubuntu5) precise-proposed; urgency=low

  * debian/patches/CVE-2012-2110b.patch: Use correct error code in
    BUF_MEM_grow_clean()

Superseded in precise-proposed on 2012-04-24
openssl (1.0.1-4ubuntu4) precise-proposed; urgency=low

  * Check TLS1_get_client_version rather than TLS1_get_version for client
    hello cipher list truncation, in a further attempt to get things working
    again for everyone (LP: #986147).
 -- Colin Watson <email address hidden>   Tue, 24 Apr 2012 14:05:50 +0100

Available diffs

Superseded in hardy-updates on 2012-04-24
Superseded in hardy-security on 2012-04-24
openssl (0.9.8g-4ubuntu3.17) hardy-security; urgency=low

  * SECURITY UPDATE: fix various overflows
    - adjust crypto/a_d2i_fp.c, crypto/buffer.c and crypto/mem.c to verify
      size of lengths
    - http://cvs.openssl.org/chngview?cn=22439
    - CVE-2012-2110
 -- Jamie Strandboge <email address hidden>   Thu, 19 Apr 2012 10:26:01 -0500
Superseded in lucid-updates on 2012-04-24
Superseded in lucid-security on 2012-04-24
openssl (0.9.8k-7ubuntu8.10) lucid-security; urgency=low

  * SECURITY UPDATE: NULL pointer dereference in S/MIME messages with broken
    headers
    - debian/patches/CVE-2006-7250+2012-1165.patch: adjust mime_hdr_cmp()
      and mime_param_cmp() to not dereference the compared strings if either
      is NULL
    - CVE-2006-7250
    - CVE-2012-1165
  * SECURITY UPDATE: fix various overflows
    - debian/patches/CVE-2012-2110.patch: adjust crypto/a_d2i_fp.c,
      crypto/buffer.c and crypto/mem.c to verify size of lengths
    - CVE-2012-2110
 -- Jamie Strandboge <email address hidden>   Thu, 19 Apr 2012 10:24:54 -0500
Superseded in natty-updates on 2012-04-24
Superseded in natty-security on 2012-04-24
openssl (0.9.8o-5ubuntu1.4) natty-security; urgency=low

  * SECURITY UPDATE: NULL pointer dereference in S/MIME messages with broken
    headers
    - debian/patches/CVE-2006-7250+2012-1165.patch: adjust mime_hdr_cmp()
      and mime_param_cmp() to not dereference the compared strings if either
      is NULL
    - CVE-2006-7250
    - CVE-2012-1165
  * SECURITY UPDATE: fix various overflows
    - debian/patches/CVE-2012-2110.patch: adjust crypto/a_d2i_fp.c,
      crypto/buffer.c and crypto/mem.c to verify size of lengths
    - CVE-2012-2110
 -- Jamie Strandboge <email address hidden>   Thu, 19 Apr 2012 09:39:15 -0500
Superseded in oneiric-updates on 2012-04-24
Superseded in oneiric-security on 2012-04-24
openssl (1.0.0e-2ubuntu4.4) oneiric-security; urgency=low

  * SECURITY UPDATE: NULL pointer dereference in S/MIME messages with broken
    headers
    - debian/patches/CVE-2006-7250+2012-1165.patch: adjust mime_hdr_cmp()
      and mime_param_cmp() to not dereference the compared strings if either
      is NULL
    - CVE-2006-7250
    - CVE-2012-1165
  * SECURITY UPDATE: fix various overflows
    - debian/patches/CVE-2012-2110.patch: adjust crypto/a_d2i_fp.c,
      crypto/buffer.c and crypto/mem.c to verify size of lengths
    - CVE-2012-2110
 -- Jamie Strandboge <email address hidden>   Thu, 19 Apr 2012 09:39:43 -0500
Superseded in quantal-release on 2012-05-02
Published in precise-release on 2012-04-19
openssl (1.0.1-4ubuntu3) precise-proposed; urgency=low

  * SECURITY UPDATE: fix various overflows
    - debian/patches/CVE-2012-2110.patch: adjust crypto/a_d2i_fp.c,
      crypto/buffer.c and crypto/mem.c to verify size of lengths
    - CVE-2012-2110
 -- Jamie Strandboge <email address hidden>   Thu, 19 Apr 2012 10:31:06 -0500
Superseded in precise-release on 2012-04-19
Deleted in precise-proposed on 2012-04-21 (Reason: moved to release)
openssl (1.0.1-4ubuntu2) precise-proposed; urgency=low

  * Backport more upstream patches to work around TLS 1.2 failures
    (LP #965371):
    - Do not use record version number > TLS 1.0 in initial client hello:
      some (but not all) hanging servers will now work.
    - Truncate the number of ciphers sent in the client hello to 50.  Most
      broken servers should now work.
    - Don't allow TLS 1.2 SHA-256 ciphersuites in TLS 1.0, 1.1 connections.
  * Don't re-enable TLS 1.2 client support by default yet, since more of the
    sites listed in the above bug and its duplicates still fail if I do that
    versus leaving it disabled.
 -- Colin Watson <email address hidden>   Wed, 18 Apr 2012 15:03:56 +0100

Available diffs

Superseded in precise-release on 2012-04-19
openssl (1.0.1-4ubuntu1) precise; urgency=low

  * Resynchronise with Debian (LP: #968753).  Remaining changes:
    - debian/libssl1.0.0.postinst:
      + Display a system restart required notification on libssl1.0.0
        upgrade on servers.
      + Use a different priority for libssl1.0.0/restart-services depending
        on whether a desktop, or server dist-upgrade is being performed.
    - debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
      libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
      in Debian).
    - debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
      rules}: Move runtime libraries to /lib, for the benefit of
      wpasupplicant.
    - debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
      .pc.
    - debian/rules:
      + Don't run 'make test' when cross-building.
      + Use host compiler when cross-building.  Patch from Neil Williams.
      + Don't build for processors no longer supported: i586 (on i386)
      + Fix Makefile to properly clean up libs/ dirs in clean target.
      + Replace duplicate files in the doc directory with symlinks.
    - Unapply patch c_rehash-multi and comment it out in the series as it
      breaks parsing of certificates with CRLF line endings and other cases
      (see Debian #642314 for discussion), it also changes the semantics of
      c_rehash directories by requiring applications to parse hash link
      targets as files containing potentially *multiple* certificates rather
      than exactly one.
    - Bump version passed to dh_makeshlibs to 1.0.1 for new symbols.
    - Experimental workaround to large client hello issue: if
      OPENSSL_NO_TLS1_2_CLIENT is set then TLS v1.2 is disabled for clients
      only.
    - Compile with -DOPENSSL_NO_TLS1_2_CLIENT.

Available diffs

Superseded in precise-release on 2012-04-10
openssl (1.0.1-2ubuntu4) precise; urgency=low

  * Pass cross-compiling options to 'make install' as well, since apparently
    it likes to rebuild fips_premain_dso.
 -- Colin Watson <email address hidden>   Sat, 31 Mar 2012 00:48:38 +0100

Available diffs

Superseded in precise-release on 2012-03-31
openssl (1.0.1-2ubuntu3) precise; urgency=low

  * Temporarily work around TLS 1.2 failures as suggested by upstream
    (LP #965371):
    - Use client version when deciding whether to send supported signature
      algorithms extension.
    - Experimental workaround to large client hello issue: if
      OPENSSL_NO_TLS1_2_CLIENT is set then TLS v1.2 is disabled for clients
      only.
    - Compile with -DOPENSSL_NO_TLS1_2_CLIENT.
    This fixes most of the reported problems, but does not fix the case of
    servers that reject version numbers they don't support rather than
    trying to negotiate a lower version (e.g. www.mediafire.com).
 -- Colin Watson <email address hidden>   Fri, 30 Mar 2012 17:11:45 +0100

Available diffs

Superseded in precise-release on 2012-03-30
openssl (1.0.1-2ubuntu2) precise; urgency=low

  * Remove compat symlinks from /usr/lib to /lib, as they cause
    some serious issued with symbol generation, and are not needed.
  * Bump version passed to dh_makeshlibs to 1.0.1 for new symbols.
 -- Adam Conrad <email address hidden>   Fri, 23 Mar 2012 21:39:39 -0600

Available diffs

Superseded in precise-release on 2012-03-24
openssl (1.0.1-2ubuntu1) precise; urgency=low

  * Resynchronise with Debian (LP: #958430).  Remaining changes:
    - debian/libssl1.0.0.postinst:
      + Display a system restart required notification on libssl1.0.0
        upgrade on servers.
      + Use a different priority for libssl1.0.0/restart-services depending
        on whether a desktop, or server dist-upgrade is being performed.
    - debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
      libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
      in Debian).
    - debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
      rules}: Move runtime libraries to /lib, for the benefit of
      wpasupplicant.
    - debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
      .pc.
    - debian/rules:
      + Don't run 'make test' when cross-building.
      + Use host compiler when cross-building.  Patch from Neil Williams.
      + Don't build for processors no longer supported: i586 (on i386)
      + Fix Makefile to properly clean up libs/ dirs in clean target.
      + Replace duplicate files in the doc directory with symlinks.
    - Unapply patch c_rehash-multi and comment it out in the series as it
      breaks parsing of certificates with CRLF line endings and other cases
      (see Debian #642314 for discussion), it also changes the semantics of
      c_rehash directories by requiring applications to parse hash link
      targets as files containing potentially *multiple* certificates rather
      than exactly one.
  * Drop aesni.patch, applied upstream.
  * Drop Bsymbolic-functions.patch, now handled using dpkg-buildflags.

Available diffs

Superseded in precise-release on 2012-03-22
openssl (1.0.0g-1ubuntu1) precise; urgency=low

  * Resynchronise with Debian. Remaining changes:
    - debian/libssl1.0.0.postinst:
      + Display a system restart required notification on libssl1.0.0
        upgrade on servers.
      + Use a different priority for libssl1.0.0/restart-services depending
        on whether a desktop, or server dist-upgrade is being performed.
    - debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
      libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
      in Debian).
    - debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
      rules}: Move runtime libraries to /lib, for the benefit of
      wpasupplicant.
    - debian/patches/aesni.patch: Backport Intel AES-NI support, now from
      http://rt.openssl.org/Ticket/Display.html?id=2065 rather than the
      0.9.8 variant.
    - debian/patches/Bsymbolic-functions.patch: Link using
      -Bsymbolic-functions.
    - debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
      .pc.
    - debian/rules:
      + Don't run 'make test' when cross-building.
      + Use host compiler when cross-building.  Patch from Neil Williams.
      + Don't build for processors no longer supported: i586 (on i386)
      + Fix Makefile to properly clean up libs/ dirs in clean target.
      + Replace duplicate files in the doc directory with symlinks.
    - Unapply patch c_rehash-multi and comment it out in the series as it
      breaks parsing of certificates with CRLF line endings and other cases
      (see Debian #642314 for discussion), it also changes the semantics of
      c_rehash directories by requiring applications to parse hash link
      targets as files containing potentially *multiple* certificates
      rather than exactly one.

Superseded in oneiric-updates on 2012-04-19
Superseded in oneiric-security on 2012-04-19
openssl (1.0.0e-2ubuntu4.2) oneiric-security; urgency=low

  * SECURITY UPDATE: DTLS plaintext recovery attack
    - debian/patches/CVE-2011-4108.patch: perform all computations
      before discarding messages
    - CVE-2011-4108
  * SECURITY UPDATE: SSL 3.0 block padding exposure
    - debian/patches/CVE-2011-4576.patch: clear bytes used for block
      padding of SSL 3.0 records.
    - CVE-2011-4576
  * SECURITY UPDATE: malformed RFC 3779 data denial of service attack
    - debian/patches/CVE-2011-4577.patch: prevent malformed RFC3779
      data from triggering an assertion failure
    - CVE-2011-4577
  * SECURITY UPDATE: Server Gated Cryptography (SGC) denial of service
    - debian/patches/CVE-2011-4619.patch: Only allow one SGC handshake
      restart for SSL/TLS.
    - CVE-2011-4619
  * SECURITY UPDATE: GOST block cipher denial of service
    - debian/patches/CVE-2012-0027.patch: check GOST parameters are
      not NULL
    - CVE-2012-0027
  * SECURITY UPDATE: fix for CVE-2011-4108 denial of service attack
    - debian/patches/CVE-2012-0050.patch: improve handling of DTLS MAC
    - CVE-2012-0050
 -- Steve Beattie <email address hidden>   Wed, 08 Feb 2012 16:06:24 -0800
Superseded in hardy-updates on 2012-04-19
Superseded in hardy-security on 2012-04-19
openssl (0.9.8g-4ubuntu3.15) hardy-security; urgency=low

  * SECURITY UPDATE: ECDSA private key timing attack
    - crypto/ecdsa/ecs_ossl.c: compute with fixed scalar length
    - http://cvs.openssl.org/chngview?cn=20892
    - CVE-2011-1945
  * SECURITY UPDATE: ECDH ciphersuite denial of service
    - ssl/s3_lib.c, file ssl/s3_srvr.c: fix memory usage for thread
      safety
    - http://cvs.openssl.org/chngview?cn=21334
    - CVE-2011-3210
  * SECURITY UPDATE: DTLS plaintext recovery attack (LP: #922229)
    - ssl/d1_pkt.c: perform all computations before discarding messages
    - http://cvs.openssl.org/chngview?cn=21942
    - http://cvs.openssl.org/chngview?cn=19574
    - CVE-2011-4108
  * SECURITY UPDATE: policy check double free vulnerability
    - crypto/x509v3/pcy_map.c, crypto/x509v3/pcy_tree.c: only free
      domain policy in one location
    - http://cvs.openssl.org/chngview?cn=21941
    - CVE-2011-4019
  * SECURITY UPDATE: incorrect elliptic curve computation TLS key
    exposure
    - crypto/bn/bn_nist.c: perform ellyiptic curve computations
      correctly
    - update to http://cvs.openssl.org/fileview?f=openssl/crypto/bn/bn_nist.c&v=1.20
    - CVE-2011-4354
  * SECURITY UPDATE: SSL 3.0 block padding exposure
    - ssl/s3_enc.c: clear bytes used for block padding of SSL 3.0
      records.
    - http://cvs.openssl.org/chngview?cn=21940
    - CVE-2011-4576
  * SECURITY UPDATE: malformed RFC 3779 data denial of service attack
    - crypto/x509v3/v3_addr.c: prevent malformed RFC3779 data
      from triggering an assertion failure
    - http://cvs.openssl.org/chngview?cn=21937
    - CVE-2011-4577
  * SECURITY UPDATE: Server Gated Cryptography (SGC) denial of service
    - ssl/s3_srvr.c, ssl/ssl.h, ssl/ssl3.h, ssl/ssl_err.c: Only allow
      one SGC handshake restart for SSL/TLS.
    - CVE-2011-4619
  * SECURITY UPDATE: fix for CVE-2011-4108 denial of service attack
    - ssl/d1_pkt.c: improve handling of DTLS MAC
    - http://cvs.openssl.org/chngview?cn=22032
    - CVE-2012-0050
  * crypto/ecdsa/ecdsatest.c: fix ECDSA tests
    - http://cvs.openssl.org/chngview?cn=21777
    - http://cvs.openssl.org/chngview?cn=21995
  * debian/libssl0.9.8.postinst: Only issue the reboot notification for
    servers by testing that the X server is not running (LP: #244250)
 -- Steve Beattie <email address hidden>   Tue, 31 Jan 2012 01:46:26 -0800
Superseded in lucid-updates on 2012-04-19
Superseded in lucid-security on 2012-04-19
openssl (0.9.8k-7ubuntu8.8) lucid-security; urgency=low

  * SECURITY UPDATE: ECDSA private key timing attack
    - debian/patches/CVE-2011-1945.patch: compute with fixed scalar
      length
    - CVE-2011-1945
  * SECURITY UPDATE: ECDH ciphersuite denial of service
    - debian/patches/CVE-2011-3210.patch: fix memory usage for thread
      safety
    - CVE-2011-3210
  * SECURITY UPDATE: DTLS plaintext recovery attack
    - debian/patches/CVE-2011-4108.patch: perform all computations
      before discarding messages
    - CVE-2011-4108
  * SECURITY UPDATE: policy check double free vulnerability
    - debian/patches/CVE-2011-4019.patch: only free domain policyin
      one location
    - CVE-2011-4019
  * SECURITY UPDATE: SSL 3.0 block padding exposure
    - debian/patches/CVE-2011-4576.patch: clear bytes used for block
      padding of SSL 3.0 records.
    - CVE-2011-4576
  * SECURITY UPDATE: malformed RFC 3779 data denial of service attack
    - debian/patches/CVE-2011-4577.patch: prevent malformed RFC3779
      data from triggering an assertion failure
    - CVE-2011-4577
  * SECURITY UPDATE: Server Gated Cryptography (SGC) denial of service
    - debian/patches/CVE-2011-4619.patch: Only allow one SGC handshake
      restart for SSL/TLS.
    - CVE-2011-4619
  * SECURITY UPDATE: fix for CVE-2011-4108 denial of service attack
    - debian/patches/CVE-2012-0050.patch: improve handling of DTLS MAC
    - CVE-2012-0050
  * debian/patches/openssl-fix_ECDSA_tests.patch: fix ECDSA tests
  * debian/libssl0.9.8.postinst: Only issue the reboot notification for
    servers by testing that the X server is not running (LP: #244250)
 -- Steve Beattie <email address hidden>   Tue, 31 Jan 2012 01:41:34 -0800
Obsolete in maverick-updates on 2013-03-05
Obsolete in maverick-security on 2013-03-05
openssl (0.9.8o-1ubuntu4.6) maverick-security; urgency=low

  * SECURITY UPDATE: ECDSA private key timing attack
    - debian/patches/CVE-2011-1945.patch: compute with fixed scalar
      length
    - CVE-2011-1945
  * SECURITY UPDATE: ECDH ciphersuite denial of service
    - debian/patches/CVE-2011-3210.patch: fix memory usage for thread
      safety
    - CVE-2011-3210
  * SECURITY UPDATE: DTLS plaintext recovery attack
    - debian/patches/CVE-2011-4108.patch: perform all computations
      before discarding messages
    - CVE-2011-4108
  * SECURITY UPDATE: policy check double free vulnerability
    - debian/patches/CVE-2011-4019.patch: only free domain policyin
      one location
    - CVE-2011-4019
  * SECURITY UPDATE: SSL 3.0 block padding exposure
    - debian/patches/CVE-2011-4576.patch: clear bytes used for block
      padding of SSL 3.0 records.
    - CVE-2011-4576
  * SECURITY UPDATE: malformed RFC 3779 data denial of service attack
    - debian/patches/CVE-2011-4577.patch: prevent malformed RFC3779
      data from triggering an assertion failure
    - CVE-2011-4577
  * SECURITY UPDATE: Server Gated Cryptography (SGC) denial of service
    - debian/patches/CVE-2011-4619.patch: Only allow one SGC handshake
      restart for SSL/TLS.
    - CVE-2011-4619
  * SECURITY UPDATE: fix for CVE-2011-4108 denial of service attack
    - debian/patches/CVE-2012-0050.patch: improve handling of DTLS MAC
    - CVE-2012-0050
  * debian/patches/openssl-fix_ECDSA_tests.patch: fix ECDSA tests
  * debian/libssl0.9.8.postinst: Only issue the reboot notification for
    servers by testing that the X server is not running (LP: #244250)
 -- Steve Beattie <email address hidden>   Tue, 31 Jan 2012 01:37:33 -0800
Superseded in natty-updates on 2012-04-19
Superseded in natty-security on 2012-04-19
openssl (0.9.8o-5ubuntu1.2) natty-security; urgency=low

  * SECURITY UPDATE: ECDSA private key timing attack
    - debian/patches/CVE-2011-1945.patch: compute with fixed scalar
      length
    - CVE-2011-1945
  * SECURITY UPDATE: ECDH ciphersuite denial of service
    - debian/patches/CVE-2011-3210.patch: fix memory usage for thread
      safety
    - CVE-2011-3210
  * SECURITY UPDATE: DTLS plaintext recovery attack
    - debian/patches/CVE-2011-4108.patch: perform all computations
      before discarding messages
    - CVE-2011-4108
  * SECURITY UPDATE: policy check double free vulnerability
    - debian/patches/CVE-2011-4019.patch: only free domain policyin
      one location
    - CVE-2011-4019
  * SECURITY UPDATE: SSL 3.0 block padding exposure
    - debian/patches/CVE-2011-4576.patch: clear bytes used for block
      padding of SSL 3.0 records.
    - CVE-2011-4576
  * SECURITY UPDATE: malformed RFC 3779 data denial of service attack
    - debian/patches/CVE-2011-4577.patch: prevent malformed RFC3779
      data from triggering an assertion failure
    - CVE-2011-4577
  * SECURITY UPDATE: Server Gated Cryptography (SGC) denial of service
    - debian/patches/CVE-2011-4619.patch: Only allow one SGC handshake
      restart for SSL/TLS.
    - CVE-2011-4619
  * SECURITY UPDATE: fix for CVE-2011-4108 denial of service attack
    - debian/patches/CVE-2012-0050.patch: improve handling of DTLS MAC
    - CVE-2012-0050
  * debian/libssl0.9.8.postinst: Only issue the reboot notification for
    servers by testing that the X server is not running (LP: #244250)
 -- Steve Beattie <email address hidden>   Tue, 31 Jan 2012 01:27:53 -0800
Superseded in precise-release on 2012-02-13
openssl (1.0.0e-3ubuntu1) precise; urgency=low

  * Resynchronise with Debian. Remaining changes:
    - debian/libssl1.0.0.postinst:
      + Display a system restart required notification on libssl1.0.0
        upgrade on servers.
      + Use a different priority for libssl1.0.0/restart-services depending
        on whether a desktop, or server dist-upgrade is being performed.
    - debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
      libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
      in Debian).
    - debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
      rules}: Move runtime libraries to /lib, for the benefit of
      wpasupplicant.
    - debian/patches/aesni.patch: Backport Intel AES-NI support, now from
      http://rt.openssl.org/Ticket/Display.html?id=2065 rather than the
      0.9.8 variant.
    - debian/patches/Bsymbolic-functions.patch: Link using
      -Bsymbolic-functions.
    - debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
      .pc.
    - debian/rules:
      + Don't run 'make test' when cross-building.
      + Use host compiler when cross-building.  Patch from Neil Williams.
      + Don't build for processors no longer supported: i586 (on i386)
      + Fix Makefile to properly clean up libs/ dirs in clean target.
      + Replace duplicate files in the doc directory with symlinks.
    - Unapply patch c_rehash-multi and comment it out in the series as it
      breaks parsing of certificates with CRLF line endings and other cases
      (see Debian #642314 for discussion), it also changes the semantics of
      c_rehash directories by requiring applications to parse hash link
      targets as files containing potentially *multiple* certificates
      rather than exactly one.

Superseded in precise-release on 2012-01-12
Published in oneiric-release on 2011-10-05
openssl (1.0.0e-2ubuntu4) oneiric; urgency=low

  * The previous change moved the notification to major upgrades only, but
    in fact, we do want the sysadmin to be notified when security updates
    are installed, without having services automatically restarted.
    (LP: #244250)
 -- Marc Deslauriers <email address hidden>   Tue, 04 Oct 2011 09:31:22 -0400

Available diffs

175 of 196 results