Ubuntu
openssl package

openssl 0.9.8k-7ubuntu8.22 source package in Ubuntu

Changelog

openssl (0.9.8k-7ubuntu8.22) lucid-security; urgency=medium

  * SECURITY UPDATE: denial of service via session ticket integrity check
    memory leak
    - debian/patches/CVE-2014-3567.patch: perform cleanup in ssl/t1_lib.c.
    - CVE-2014-3567
  * SECURITY UPDATE: fix the no-ssl3 build option
    - debian/patches/CVE-2014-3568.patch: fix conditional code in
      ssl/s23_clnt.c, ssl/s23_srvr.c.
    - CVE-2014-3568
  * SECURITY IMPROVEMENT: Added TLS_FALLBACK_SCSV support to mitigate a
    protocol downgrade attack to SSLv3 that exposes the POODLE attack.
    - debian/patches/tls_fallback_scsv_support.patch: added support for
      TLS_FALLBACK_SCSV in apps/s_client.c, crypto/err/openssl.ec,
      ssl/d1_lib.c, ssl/dtls1.h, ssl/s23_clnt.c, ssl/s23_srvr.c,
      ssl/s2_lib.c, ssl/s3_enc.c, ssl/s3_lib.c, ssl/ssl.h, ssl/ssl3.h,
      ssl/ssl_err.c, ssl/ssl_lib.c, ssl/t1_enc.c, ssl/tls1.h,
      ssl/ssl_locl.h, doc/apps/s_client.pod, doc/ssl/SSL_CTX_set_mode.pod.
 -- Marc Deslauriers <email address hidden>   Wed, 15 Oct 2014 13:17:00 -0400

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Lucid
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
utils
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
openssl_0.9.8k.orig.tar.gz 3.7 MiB 7e7cd4f3974199b729e6e3a0af08bd4279fde0370a1120c1a3b351ab090c6101
openssl_0.9.8k-7ubuntu8.22.diff.gz 163.1 KiB 97936138d9b308ac6c0763f0543b374656ca0e521d4d74dfddee738a64b942ef
openssl_0.9.8k-7ubuntu8.22.dsc 2.0 KiB b8a0d8af98c74bce55dd7f9904d6dbeb38a3a00e12241a9234c43cdb31067f57

View changes file

Binary packages built by this source

libcrypto0.9.8-udeb: No summary available for libcrypto0.9.8-udeb in ubuntu lucid.

No description available for libcrypto0.9.8-udeb in ubuntu lucid.

libssl-dev: No summary available for libssl-dev in ubuntu lucid.

No description available for libssl-dev in ubuntu lucid.

libssl0.9.8: No summary available for libssl0.9.8 in ubuntu lucid.

No description available for libssl0.9.8 in ubuntu lucid.

libssl0.9.8-dbg: No summary available for libssl0.9.8-dbg in ubuntu lucid.

No description available for libssl0.9.8-dbg in ubuntu lucid.

libssl0.9.8-udeb: No summary available for libssl0.9.8-udeb in ubuntu lucid.

No description available for libssl0.9.8-udeb in ubuntu lucid.

openssl: No summary available for openssl in ubuntu lucid.

No description available for openssl in ubuntu lucid.

openssl-doc: No summary available for openssl-doc in ubuntu lucid.

No description available for openssl-doc in ubuntu lucid.