openssl 1.0.1-4ubuntu5.21 source package in Ubuntu


openssl (1.0.1-4ubuntu5.21) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service via unexpected handshake when
    no-ssl3 build option is used (not the default)
    - debian/patches/CVE-2014-3569.patch: keep the old method for now in
    - CVE-2014-3569
  * SECURITY UPDATE: bignum squaring may produce incorrect results
    - debian/patches/CVE-2014-3570.patch: fix bignum logic in
      crypto/bn/asm/, crypto/bn/asm/x86_64-gcc.c,
      crypto/bn/bn_asm.c, removed crypto/bn/asm/mips3.s, added test to
    - CVE-2014-3570
  * SECURITY UPDATE: DTLS segmentation fault in dtls1_get_record
    - debian/patches/CVE-2014-3571-1.patch: fix crash in ssl/d1_pkt.c,
    - debian/patches/CVE-2014-3571-2.patch: make code more obvious in
    - CVE-2014-3571
  * SECURITY UPDATE: ECDHE silently downgrades to ECDH [Client]
    - debian/patches/CVE-2014-3572.patch: don't skip server key exchange in
    - CVE-2014-3572
  * SECURITY UPDATE: certificate fingerprints can be modified
    - debian/patches/CVE-2014-8275.patch: fix various fingerprint issues in
      crypto/asn1/a_bitstr.c, crypto/asn1/a_type.c, crypto/asn1/a_verify.c,
      crypto/asn1/asn1.h, crypto/asn1/asn1_err.c, crypto/asn1/x_algor.c,
      crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, crypto/x509/x509.h,
    - CVE-2014-8275
  * SECURITY UPDATE: RSA silently downgrades to EXPORT_RSA [Client]
    - debian/patches/CVE-2015-0204.patch: only allow ephemeral RSA keys in
      export ciphersuites in ssl/d1_srvr.c, ssl/s3_clnt.c, ssl/s3_srvr.c,
      ssl/ssl.h, adjust documentation in doc/ssl/SSL_CTX_set_options.pod,
    - CVE-2015-0204
  * SECURITY UPDATE: DTLS memory leak in dtls1_buffer_record
    - debian/patches/CVE-2015-0206.patch: properly handle failures in
    - CVE-2015-0206
  * debian/patches/CVE-2015-0205.patch: fix code to prevent confusion in
 -- Marc Deslauriers <email address hidden>   Fri, 09 Jan 2015 10:24:21 -0500

Upload details

Uploaded by: Marc Deslauriers on 2015-01-09
Uploaded to:
Original maintainer: Ubuntu Developers
Architectures: any all
Urgency: Medium Urgency



File Size SHA-256 Checksum
openssl_1.0.1.orig.tar.gz 4.2 MiB 4d9f0a594a9a89b28e1a04a9504c04104f6508ee27ad1e0efdd17a7a6dbbeeee
openssl_1.0.1-4ubuntu5.21.debian.tar.gz 172.2 KiB 33421a5e93db6aaf56423cd7ce297c5ab9dc6e31bf67b0c127667b789edd8b90
openssl_1.0.1-4ubuntu5.21.dsc 2.3 KiB b6124e68c402c65c67d0e8ad3f9f1eaef6d0ee4c7ab4cfdf22d197a15f0b1fb2

Binary packages built by this source

libcrypto1.0.0-udeb: crypto shared library - udeb

 libcrypto shared library.
 Do not install it on a normal system.

libssl-dev: SSL development libraries, header files and documentation

 libssl and libcrypto development libraries, header files and manpages.
 It is part of the OpenSSL implementation of SSL.

libssl-doc: SSL development documentation

 libssl and libcrypto manpages and demo files.
 It is part of the OpenSSL implementation of SSL.

libssl1.0.0: SSL shared libraries

 libssl and libcrypto shared libraries needed by programs like
 apache-ssl, telnet-ssl and openssh.
 It is part of the OpenSSL implementation of SSL.

libssl1.0.0-dbg: Symbol tables for libssl and libcrypto

 This package is part of the OpenSSL implementation of SSL.

libssl1.0.0-udeb: ssl shared library - udeb

 libssl shared library.
 Do not install it on a normal system.

openssl: Secure Socket Layer (SSL) binary and related cryptographic tools

 This package contains the openssl binary and related tools.
 It is part of the OpenSSL implementation of SSL.
 You need it to perform certain cryptographic actions like:
  - Creation of RSA, DH and DSA key parameters;
  - Creation of X.509 certificates, CSRs and CRLs;
  - Calculation of message digests;
  - Encryption and decryption with ciphers;
  - SSL/TLS client and server tests;
  - Handling of S/MIME signed or encrypted mail.