openssl 0.9.8g-4ubuntu3.3 source package in Ubuntu

Changelog

openssl (0.9.8g-4ubuntu3.3) hardy-security; urgency=low

  * SECURITY UPDATE: fix denial of service when 'Server Key exchange message'
    is omitted from a TLS handshake
  * ssl/s3_clnt.c: make sure s->session->sess_cert is not NULL
  * SECURITY UPDATE: fix denial of service when using tlsext. Note that
    this version of openssl does not use tlsext by default.
  * ssl/t1_lib.c: make sure s->session->tlsext_hostname is set to NULL to
    prevent double free.
  * References
    CVE-2008-1672
    CVE-2008-0891
    LP: #235913

 -- Jamie Strandboge <email address hidden>   Thu, 19 Jun 2008 14:35:20 -0400

Upload details

Uploaded by:
Jamie Strandboge on 2008-06-26
Uploaded to:
Hardy
Original maintainer:
Ubuntu Development Team
Component:
main
Architectures:
any
Section:
utils
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size MD5 Checksum
openssl_0.9.8g.orig.tar.gz 3.2 MiB acf70a16359bf3658bdfb74bda1c4419
openssl_0.9.8g-4ubuntu3.3.diff.gz 51.8 KiB b1cea7b7db0cb4522acd795c3928f6d6
openssl_0.9.8g-4ubuntu3.3.dsc 912 bytes ac4c66a0442648d7b1a1afd326609c54

View changes file

Binary packages built by this source

libcrypto0.9.8-udeb: No summary available for libcrypto0.9.8-udeb in ubuntu hardy.

No description available for libcrypto0.9.8-udeb in ubuntu hardy.

libssl-dev: No summary available for libssl-dev in ubuntu hardy.

No description available for libssl-dev in ubuntu hardy.

libssl0.9.8: No summary available for libssl0.9.8 in ubuntu hardy.

No description available for libssl0.9.8 in ubuntu hardy.

libssl0.9.8-dbg: No summary available for libssl0.9.8-dbg in ubuntu hardy.

No description available for libssl0.9.8-dbg in ubuntu hardy.

openssl: No summary available for openssl in ubuntu hardy.

No description available for openssl in ubuntu hardy.

openssl-doc: No summary available for openssl-doc in ubuntu hardy.

No description available for openssl-doc in ubuntu hardy.