Ubuntu
openssl package

openssl 1.0.0e-2ubuntu4.2 source package in Ubuntu

Changelog

openssl (1.0.0e-2ubuntu4.2) oneiric-security; urgency=low

  * SECURITY UPDATE: DTLS plaintext recovery attack
    - debian/patches/CVE-2011-4108.patch: perform all computations
      before discarding messages
    - CVE-2011-4108
  * SECURITY UPDATE: SSL 3.0 block padding exposure
    - debian/patches/CVE-2011-4576.patch: clear bytes used for block
      padding of SSL 3.0 records.
    - CVE-2011-4576
  * SECURITY UPDATE: malformed RFC 3779 data denial of service attack
    - debian/patches/CVE-2011-4577.patch: prevent malformed RFC3779
      data from triggering an assertion failure
    - CVE-2011-4577
  * SECURITY UPDATE: Server Gated Cryptography (SGC) denial of service
    - debian/patches/CVE-2011-4619.patch: Only allow one SGC handshake
      restart for SSL/TLS.
    - CVE-2011-4619
  * SECURITY UPDATE: GOST block cipher denial of service
    - debian/patches/CVE-2012-0027.patch: check GOST parameters are
      not NULL
    - CVE-2012-0027
  * SECURITY UPDATE: fix for CVE-2011-4108 denial of service attack
    - debian/patches/CVE-2012-0050.patch: improve handling of DTLS MAC
    - CVE-2012-0050
 -- Steve Beattie <email address hidden>   Wed, 08 Feb 2012 16:06:24 -0800

Upload details

Uploaded by:: Steve Beattie on 2012-02-09

Uploaded to:: Oneiric

Original maintainer:: Ubuntu Developers

Architectures:: any

Section:: utils

Urgency:: Low Urgency

See full publishing history Publishing

Series	Pocket	Published	Component	Section

Builds

Oneiric: amd64 armel i386 powerpc

Downloads

File	Size	SHA-256 Checksum
openssl_1.0.0e.orig.tar.gz	3.9 MiB	e361dc2775733fb84de7b5bf7b504778b772869e8f7bfac0b28b935cbf7380f7
openssl_1.0.0e-2ubuntu4.2.debian.tar.gz	115.1 KiB	229f05a3a9f6b1225edc302d9de9567c1c96ff8cf17550220871e717378ab4e1
openssl_1.0.0e-2ubuntu4.2.dsc	2.0 KiB	5c5dec895f96a7271532d6188dfa27ac5b338868f8746920342165584cfda6cc

Available diffs

diff from 1.0.0e-2ubuntu4.1 to 1.0.0e-2ubuntu4.2 (720 bytes)

View changes file

Binary packages built by this source

libcrypto1.0.0-udeb: No summary available for libcrypto1.0.0-udeb in ubuntu oneiric.: No description available for libcrypto1.0.0-udeb in ubuntu oneiric.

libssl-dev: No summary available for libssl-dev in ubuntu oneiric.: No description available for libssl-dev in ubuntu oneiric.

libssl-doc: No summary available for libssl-doc in ubuntu oneiric.: No description available for libssl-doc in ubuntu oneiric.

libssl1.0.0: No summary available for libssl1.0.0 in ubuntu oneiric.: No description available for libssl1.0.0 in ubuntu oneiric.

libssl1.0.0-dbg: No summary available for libssl1.0.0-dbg in ubuntu oneiric.: No description available for libssl1.0.0-dbg in ubuntu oneiric.

libssl1.0.0-udeb: No summary available for libssl1.0.0-udeb in ubuntu oneiric.: No description available for libssl1.0.0-udeb in ubuntu oneiric.

openssl: No summary available for openssl in ubuntu oneiric.: No description available for openssl in ubuntu oneiric.

Ubuntuopenssl package

openssl 1.0.0e-2ubuntu4.2 source package in Ubuntu

Changelog

Upload details

See full publishing history Publishing

Builds

Downloads

Available diffs

Binary packages built by this source

Ubuntu
openssl package