openssl 1.0.0e-2ubuntu4.2 source package in Ubuntu

Changelog

openssl (1.0.0e-2ubuntu4.2) oneiric-security; urgency=low

  * SECURITY UPDATE: DTLS plaintext recovery attack
    - debian/patches/CVE-2011-4108.patch: perform all computations
      before discarding messages
    - CVE-2011-4108
  * SECURITY UPDATE: SSL 3.0 block padding exposure
    - debian/patches/CVE-2011-4576.patch: clear bytes used for block
      padding of SSL 3.0 records.
    - CVE-2011-4576
  * SECURITY UPDATE: malformed RFC 3779 data denial of service attack
    - debian/patches/CVE-2011-4577.patch: prevent malformed RFC3779
      data from triggering an assertion failure
    - CVE-2011-4577
  * SECURITY UPDATE: Server Gated Cryptography (SGC) denial of service
    - debian/patches/CVE-2011-4619.patch: Only allow one SGC handshake
      restart for SSL/TLS.
    - CVE-2011-4619
  * SECURITY UPDATE: GOST block cipher denial of service
    - debian/patches/CVE-2012-0027.patch: check GOST parameters are
      not NULL
    - CVE-2012-0027
  * SECURITY UPDATE: fix for CVE-2011-4108 denial of service attack
    - debian/patches/CVE-2012-0050.patch: improve handling of DTLS MAC
    - CVE-2012-0050
 -- Steve Beattie <email address hidden>   Wed, 08 Feb 2012 16:06:24 -0800

Upload details

Uploaded by:
Steve Beattie on 2012-02-09
Uploaded to:
Oneiric
Original maintainer:
Ubuntu Developers
Component:
main
Architectures:
any
Section:
utils
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size MD5 Checksum
openssl_1.0.0e.orig.tar.gz 3.9 MiB 7040b89c4c58c7a1016c0dfa6e821c86
openssl_1.0.0e-2ubuntu4.2.debian.tar.gz 115.1 KiB fb51d614ccf397b630d46acd9c8f4968
openssl_1.0.0e-2ubuntu4.2.dsc 2.0 KiB 0b4a4b08fe0c36f9c05b146ccaec5a8c

View changes file

Binary packages built by this source

libcrypto1.0.0-udeb: No summary available for libcrypto1.0.0-udeb in ubuntu oneiric.

No description available for libcrypto1.0.0-udeb in ubuntu oneiric.

libssl-dev: No summary available for libssl-dev in ubuntu oneiric.

No description available for libssl-dev in ubuntu oneiric.

libssl-doc: No summary available for libssl-doc in ubuntu oneiric.

No description available for libssl-doc in ubuntu oneiric.

libssl1.0.0: No summary available for libssl1.0.0 in ubuntu oneiric.

No description available for libssl1.0.0 in ubuntu oneiric.

libssl1.0.0-dbg: No summary available for libssl1.0.0-dbg in ubuntu oneiric.

No description available for libssl1.0.0-dbg in ubuntu oneiric.

libssl1.0.0-udeb: No summary available for libssl1.0.0-udeb in ubuntu oneiric.

No description available for libssl1.0.0-udeb in ubuntu oneiric.

openssl: No summary available for openssl in ubuntu oneiric.

No description available for openssl in ubuntu oneiric.