openssl 1.0.0e-2ubuntu4.6 source package in Ubuntu

Changelog

openssl (1.0.0e-2ubuntu4.6) oneiric-security; urgency=low

  * SECURITY UPDATE: denial of service attack in DTLS implementation
    - debian/patches/CVE_2012-2333.patch: guard for integer overflow
      before skipping explicit IV
    - CVE-2012-2333
  * SECURITY UPDATE: million message attack (MMA) in CMS and PKCS #7
    - debian/patches/CVE-2012-0884.patch: use a random key if RSA
      decryption fails to avoid leaking timing information
    - CVE-2012-0884
  * debian/patches/CVE-2012-0884-extra.patch: detect symmetric crypto
    errors in PKCS7_decrypt and initialize tkeylen properly when
    encrypting CMS messages.
 -- Steve Beattie <email address hidden>   Tue, 22 May 2012 15:24:09 -0700

Upload details

Uploaded by:
Steve Beattie on 2012-05-22
Uploaded to:
Oneiric
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
utils
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
openssl_1.0.0e.orig.tar.gz 3.9 MiB e361dc2775733fb84de7b5bf7b504778b772869e8f7bfac0b28b935cbf7380f7
openssl_1.0.0e-2ubuntu4.6.debian.tar.gz 121.9 KiB 633855dc54b07e2ca125633990b0ea895b30778ed0a79cfe6c871d9422b579b4
openssl_1.0.0e-2ubuntu4.6.dsc 2.0 KiB 480e85a5fa869fd3f222ac6c74321e757caf185a45bf8d55857e7a75e84ffde7

View changes file

Binary packages built by this source

libcrypto1.0.0-udeb: No summary available for libcrypto1.0.0-udeb in ubuntu oneiric.

No description available for libcrypto1.0.0-udeb in ubuntu oneiric.

libssl-dev: No summary available for libssl-dev in ubuntu oneiric.

No description available for libssl-dev in ubuntu oneiric.

libssl-doc: No summary available for libssl-doc in ubuntu oneiric.

No description available for libssl-doc in ubuntu oneiric.

libssl1.0.0: No summary available for libssl1.0.0 in ubuntu oneiric.

No description available for libssl1.0.0 in ubuntu oneiric.

libssl1.0.0-dbg: No summary available for libssl1.0.0-dbg in ubuntu oneiric.

No description available for libssl1.0.0-dbg in ubuntu oneiric.

libssl1.0.0-udeb: No summary available for libssl1.0.0-udeb in ubuntu oneiric.

No description available for libssl1.0.0-udeb in ubuntu oneiric.

openssl: No summary available for openssl in ubuntu oneiric.

No description available for openssl in ubuntu oneiric.