openssl 1.0.0e-2ubuntu4.2 source package in Ubuntu

Changelog

openssl (1.0.0e-2ubuntu4.2) oneiric-security; urgency=low

  * SECURITY UPDATE: DTLS plaintext recovery attack
    - debian/patches/CVE-2011-4108.patch: perform all computations
      before discarding messages
    - CVE-2011-4108
  * SECURITY UPDATE: SSL 3.0 block padding exposure
    - debian/patches/CVE-2011-4576.patch: clear bytes used for block
      padding of SSL 3.0 records.
    - CVE-2011-4576
  * SECURITY UPDATE: malformed RFC 3779 data denial of service attack
    - debian/patches/CVE-2011-4577.patch: prevent malformed RFC3779
      data from triggering an assertion failure
    - CVE-2011-4577
  * SECURITY UPDATE: Server Gated Cryptography (SGC) denial of service
    - debian/patches/CVE-2011-4619.patch: Only allow one SGC handshake
      restart for SSL/TLS.
    - CVE-2011-4619
  * SECURITY UPDATE: GOST block cipher denial of service
    - debian/patches/CVE-2012-0027.patch: check GOST parameters are
      not NULL
    - CVE-2012-0027
  * SECURITY UPDATE: fix for CVE-2011-4108 denial of service attack
    - debian/patches/CVE-2012-0050.patch: improve handling of DTLS MAC
    - CVE-2012-0050
 -- Steve Beattie <email address hidden>   Wed, 08 Feb 2012 16:06:24 -0800

Upload details

Uploaded by:
Steve Beattie on 2012-02-09
Uploaded to:
Oneiric
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
utils
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
openssl_1.0.0e.orig.tar.gz 3.9 MiB e361dc2775733fb84de7b5bf7b504778b772869e8f7bfac0b28b935cbf7380f7
openssl_1.0.0e-2ubuntu4.2.debian.tar.gz 115.1 KiB 229f05a3a9f6b1225edc302d9de9567c1c96ff8cf17550220871e717378ab4e1
openssl_1.0.0e-2ubuntu4.2.dsc 2.0 KiB 5c5dec895f96a7271532d6188dfa27ac5b338868f8746920342165584cfda6cc

View changes file

Binary packages built by this source

libcrypto1.0.0-udeb: No summary available for libcrypto1.0.0-udeb in ubuntu oneiric.

No description available for libcrypto1.0.0-udeb in ubuntu oneiric.

libssl-dev: No summary available for libssl-dev in ubuntu oneiric.

No description available for libssl-dev in ubuntu oneiric.

libssl-doc: No summary available for libssl-doc in ubuntu oneiric.

No description available for libssl-doc in ubuntu oneiric.

libssl1.0.0: No summary available for libssl1.0.0 in ubuntu oneiric.

No description available for libssl1.0.0 in ubuntu oneiric.

libssl1.0.0-dbg: No summary available for libssl1.0.0-dbg in ubuntu oneiric.

No description available for libssl1.0.0-dbg in ubuntu oneiric.

libssl1.0.0-udeb: No summary available for libssl1.0.0-udeb in ubuntu oneiric.

No description available for libssl1.0.0-udeb in ubuntu oneiric.

openssl: No summary available for openssl in ubuntu oneiric.

No description available for openssl in ubuntu oneiric.