openssl 1.0.0e-2ubuntu4.6 source package in Ubuntu

Changelog

openssl (1.0.0e-2ubuntu4.6) oneiric-security; urgency=low

  * SECURITY UPDATE: denial of service attack in DTLS implementation
    - debian/patches/CVE_2012-2333.patch: guard for integer overflow
      before skipping explicit IV
    - CVE-2012-2333
  * SECURITY UPDATE: million message attack (MMA) in CMS and PKCS #7
    - debian/patches/CVE-2012-0884.patch: use a random key if RSA
      decryption fails to avoid leaking timing information
    - CVE-2012-0884
  * debian/patches/CVE-2012-0884-extra.patch: detect symmetric crypto
    errors in PKCS7_decrypt and initialize tkeylen properly when
    encrypting CMS messages.
 -- Steve Beattie <email address hidden>   Tue, 22 May 2012 15:24:09 -0700

Upload details

Uploaded by:
Steve Beattie on 2012-05-22
Uploaded to:
Oneiric
Original maintainer:
Ubuntu Developers
Component:
main
Architectures:
any
Section:
utils
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size MD5 Checksum
openssl_1.0.0e.orig.tar.gz 3.9 MiB 7040b89c4c58c7a1016c0dfa6e821c86
openssl_1.0.0e-2ubuntu4.6.debian.tar.gz 121.9 KiB 782d04b39ced714b50e5964e140fe6bd
openssl_1.0.0e-2ubuntu4.6.dsc 2.0 KiB 2f3be024d2603c7061421e322e3d168a

View changes file

Binary packages built by this source

libcrypto1.0.0-udeb: No summary available for libcrypto1.0.0-udeb in ubuntu oneiric.

No description available for libcrypto1.0.0-udeb in ubuntu oneiric.

libssl-dev: No summary available for libssl-dev in ubuntu oneiric.

No description available for libssl-dev in ubuntu oneiric.

libssl-doc: No summary available for libssl-doc in ubuntu oneiric.

No description available for libssl-doc in ubuntu oneiric.

libssl1.0.0: No summary available for libssl1.0.0 in ubuntu oneiric.

No description available for libssl1.0.0 in ubuntu oneiric.

libssl1.0.0-dbg: No summary available for libssl1.0.0-dbg in ubuntu oneiric.

No description available for libssl1.0.0-dbg in ubuntu oneiric.

libssl1.0.0-udeb: No summary available for libssl1.0.0-udeb in ubuntu oneiric.

No description available for libssl1.0.0-udeb in ubuntu oneiric.

openssl: No summary available for openssl in ubuntu oneiric.

No description available for openssl in ubuntu oneiric.