openssl 1.0.1-4ubuntu5.17 source package in Ubuntu


openssl (1.0.1-4ubuntu5.17) precise-security; urgency=medium

  * SECURITY UPDATE: double free when processing DTLS packets
    - debian/patches/CVE-2014-3505.patch: fix double free in ssl/d1_both.c.
    - CVE-2014-3505
  * SECURITY UPDATE: DTLS memory exhaustion
    - debian/patches/CVE-2014-3506.patch: fix DTLS handshake message size
      checks in ssl/d1_both.c.
    - CVE-2014-3506
  * SECURITY UPDATE: DTLS memory leak from zero-length fragments
    - debian/patches/CVE-2014-3507.patch: fix memory leak and return codes
      in ssl/d1_both.c.
    - CVE-2014-3507
  * SECURITY UPDATE: information leak in pretty printing functions
    - debian/patches/CVE-2014-3508.patch: fix OID handling in
      crypto/asn1/a_object.c, crypto/objects/obj_dat.c.
    - CVE-2014-3508
  * SECURITY UPDATE: race condition in ssl_parse_serverhello_tlsext
    - debian/patches/CVE-2014-3509.patch: fix race in ssl/t1_lib.c.
    - CVE-2014-3509
  * SECURITY UPDATE: DTLS anonymous EC(DH) denial of service
    - debian/patches/CVE-2014-3510.patch: check for server certs in
      ssl/d1_clnt.c, ssl/s3_clnt.c.
    - CVE-2014-3510
  * SECURITY UPDATE: TLS protocol downgrade attack
    - debian/patches/CVE-2014-3511.patch: properly handle fragments in
    - CVE-2014-3511
  * SECURITY UPDATE: SRP buffer overrun
    - debian/patches/CVE-2014-3512.patch: check parameters in
    - CVE-2014-3512
  * SECURITY UPDATE: crash with SRP ciphersuite in Server Hello message
    - debian/patches/CVE-2014-5139.patch: fix SRP authentication and make
      sure ciphersuite is set up correctly in ssl/s3_clnt.c, ssl/ssl_lib.c,
      ssl/s3_lib.c, ssl/ssl.h, ssl/ssl_ciph.c, ssl/ssl_locl.h.
    - CVE-2014-5139
 -- Marc Deslauriers <email address hidden>   Thu, 07 Aug 2014 08:16:48 -0400

Upload details

Uploaded by: Marc Deslauriers
Uploaded to:
Original maintainer: Ubuntu Developers
Architectures: any all
Urgency: Medium Urgency


File Size SHA-256 Checksum
openssl_1.0.1.orig.tar.gz 4.2 MiB 4d9f0a594a9a89b28e1a04a9504c04104f6508ee27ad1e0efdd17a7a6dbbeeee
openssl_1.0.1-4ubuntu5.17.debian.tar.gz 145.6 KiB 7ca81de73358fa8c0880e6b1dca502895e645111e933e52f7815093e8b6c0df7
openssl_1.0.1-4ubuntu5.17.dsc 2.3 KiB eb8553feab142a8084488ee67a16930d4dd4f0a79a02360fd3fae2527080bfa1

Binary packages built by this source

libcrypto1.0.0-udeb: crypto shared library - udeb

 libcrypto shared library.
 Do not install it on a normal system.

libssl-dev: SSL development libraries, header files and documentation

 libssl and libcrypto development libraries, header files and manpages.
 It is part of the OpenSSL implementation of SSL.

libssl-doc: SSL development documentation

 libssl and libcrypto manpages and demo files.
 It is part of the OpenSSL implementation of SSL.

libssl1.0.0: SSL shared libraries

 libssl and libcrypto shared libraries needed by programs like
 apache-ssl, telnet-ssl and openssh.
 It is part of the OpenSSL implementation of SSL.

libssl1.0.0-dbg: Symbol tables for libssl and libcrypto

 This package is part of the OpenSSL implementation of SSL.

libssl1.0.0-udeb: ssl shared library - udeb

 libssl shared library.
 Do not install it on a normal system.

openssl: Secure Socket Layer (SSL) binary and related cryptographic tools

 This package contains the openssl binary and related tools.
 It is part of the OpenSSL implementation of SSL.
 You need it to perform certain cryptographic actions like:
  - Creation of RSA, DH and DSA key parameters;
  - Creation of X.509 certificates, CSRs and CRLs;
  - Calculation of message digests;
  - Encryption and decryption with ciphers;
  - SSL/TLS client and server tests;
  - Handling of S/MIME signed or encrypted mail.