openssl 1.0.2g-1ubuntu9.1 source package in Ubuntu

Changelog

openssl (1.0.2g-1ubuntu9.1) yakkety-security; urgency=medium

  * SECURITY UPDATE: Montgomery multiplication may produce incorrect
    results
    - debian/patches/CVE-2016-7055.patch: fix logic in
      crypto/bn/asm/x86_64-mont.pl.
    - CVE-2016-7055
  * SECURITY UPDATE: DoS via warning alerts
    - debian/patches/CVE-2016-8610.patch: don't allow too many consecutive
      warning alerts in ssl/d1_pkt.c, ssl/s3_pkt.c, ssl/ssl.h,
      ssl/ssl_locl.h.
    - debian/patches/CVE-2016-8610-2.patch: fail if an unrecognised record
      type is received in ssl/s3_pkt.c.
    - CVE-2016-8610
  * SECURITY UPDATE: Truncated packet could crash via OOB read
    - debian/patches/CVE-2017-3731.patch: harden RC4_MD5 cipher in
      crypto/evp/e_rc4_hmac_md5.c.
    - CVE-2017-3731
  * SECURITY UPDATE: BN_mod_exp may produce incorrect results on x86_64
    - debian/patches/CVE-2017-3732.patch: fix carry bug in
      bn_sqr8x_internal in crypto/bn/asm/x86_64-mont5.pl.
    - CVE-2017-3732

 -- Marc Deslauriers <email address hidden>  Mon, 30 Jan 2017 09:55:10 -0500

Upload details

Uploaded by:
Marc Deslauriers on 2017-01-30
Uploaded to:
Yakkety
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
utils
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
openssl_1.0.2g.orig.tar.gz 5.0 MiB b784b1b3907ce39abf4098702dade6365522a253ad1552e267a9a0e89594aa33
openssl_1.0.2g-1ubuntu9.1.debian.tar.xz 107.0 KiB 3c4c71846def115e6a390d5a2bbb1c63714cb989bfa69702116d12cdbafa07f9
openssl_1.0.2g-1ubuntu9.1.dsc 2.4 KiB 83008d01c7c1d8be4d84dd80f87411e08ffb20470eb4567b1484147627d0ac86

View changes file

Binary packages built by this source

libcrypto1.0.0-udeb: No summary available for libcrypto1.0.0-udeb in ubuntu yakkety.

No description available for libcrypto1.0.0-udeb in ubuntu yakkety.

libcrypto1.0.0-udeb-dbgsym: No summary available for libcrypto1.0.0-udeb-dbgsym in ubuntu yakkety.

No description available for libcrypto1.0.0-udeb-dbgsym in ubuntu yakkety.

libssl-dev: No summary available for libssl-dev in ubuntu yakkety.

No description available for libssl-dev in ubuntu yakkety.

libssl-dev-dbgsym: No summary available for libssl-dev-dbgsym in ubuntu yakkety.

No description available for libssl-dev-dbgsym in ubuntu yakkety.

libssl-doc: No summary available for libssl-doc in ubuntu yakkety.

No description available for libssl-doc in ubuntu yakkety.

libssl1.0.0: No summary available for libssl1.0.0 in ubuntu yakkety.

No description available for libssl1.0.0 in ubuntu yakkety.

libssl1.0.0-dbg: No summary available for libssl1.0.0-dbg in ubuntu yakkety.

No description available for libssl1.0.0-dbg in ubuntu yakkety.

libssl1.0.0-dbgsym: No summary available for libssl1.0.0-dbgsym in ubuntu yakkety.

No description available for libssl1.0.0-dbgsym in ubuntu yakkety.

libssl1.0.0-udeb: No summary available for libssl1.0.0-udeb in ubuntu yakkety.

No description available for libssl1.0.0-udeb in ubuntu yakkety.

libssl1.0.0-udeb-dbgsym: No summary available for libssl1.0.0-udeb-dbgsym in ubuntu yakkety.

No description available for libssl1.0.0-udeb-dbgsym in ubuntu yakkety.

openssl: No summary available for openssl in ubuntu yakkety.

No description available for openssl in ubuntu yakkety.

openssl-dbgsym: No summary available for openssl-dbgsym in ubuntu yakkety.

No description available for openssl-dbgsym in ubuntu yakkety.