View Bazaar branches
Get this repository:
git clone https://git.launchpad.net/ubuntu/+source/openssl
Members of Ubuntu Server Dev import team can upload to this repository. Log in for directions.

Branches

Name Last Modified Last Commit
ubuntu/hardy-security 2013-02-21 13:33:18 UTC 2013-02-21
Import patches-unapplied version 0.9.8g-4ubuntu3.20 to ubuntu/hardy-security

Author: Marc Deslauriers
Author Date: 2013-02-18 20:49:05 UTC

Import patches-unapplied version 0.9.8g-4ubuntu3.20 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 3e02728eac4fd4d74df24cc244bc6d3dfb45a04c

New changelog entries:
  * SECURITY UPDATE: denial of service via invalid OCSP key
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=66e8211c0b1347970096e04b18aa52567c325200
    - CVE-2013-0166
  * SECURITY UPDATE: "Lucky Thirteen" timing side-channel TLS attack
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=270881316664396326c461ec7a124aec2c6cc081
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=35a65e814beb899fa1c69a7673a8956c6059dce7
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=a33e6702a0db1b9f4648d247b8b28a5c0e42ca13
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=2928cb4c82d6516d9e65ede4901a5957d8c39c32
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=b3a959a337b8083bc855623f24cebaf43a477350
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=be88529753897c29c677d1becb321f0072c0659c
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=99f5093347c65eecbd05f0668aea94b32fcf20d7
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=24b28060975c01b749391778d13ec2ea1323a1aa
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=924b11742296c13816a9f301e76fea023003920c
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=c23a7458209e773ffcd42bdcfa5cf2564df86bd7
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1909df070fb5c5b87246a2de19c17588deba5818
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=33ccde59a1ece0f68cc4b64e930001ab230725b1
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=5f9345a2f0b592457fc4a619ac98ea59ffd394ba
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=40e0de03955e218f45a7979cb46fba193f4e7fc2
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1213e6c3c2d7abeeb886d911a3c6c06c5da2e3a4
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=ca3b81c8580a609edac1f13a3f62d4348d66c3a8
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6351adecb4726476def5f5ad904a7d2e63480d53
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=fb092ef4fca897344daf7189526f5f26be6487ce
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=59b1129e0a50fdf7e4e58d7c355783a7bfc1f44c
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=4ea7019165db53b92b4284461c5c88bfe7c6e57d
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=76c61a5d1adb92388f39e585e4af860a20feb9bb
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=ff58eaa4b645a38f3a226cf566d969fffa64ef94
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=5864fd2061f43dc8f89b5755f19bd2a35dec636c
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=fbe621d08f2026926c91c1c5f386b27605e39a43
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=a8655eb21a7f9a313db18daa6ccaed928fb6027c
    - CVE-2013-0169

ubuntu/hardy-updates 2013-02-21 13:33:18 UTC 2013-02-21
Import patches-unapplied version 0.9.8g-4ubuntu3.20 to ubuntu/hardy-security

Author: Marc Deslauriers
Author Date: 2013-02-18 20:49:05 UTC

Import patches-unapplied version 0.9.8g-4ubuntu3.20 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 3e02728eac4fd4d74df24cc244bc6d3dfb45a04c

New changelog entries:
  * SECURITY UPDATE: denial of service via invalid OCSP key
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=66e8211c0b1347970096e04b18aa52567c325200
    - CVE-2013-0166
  * SECURITY UPDATE: "Lucky Thirteen" timing side-channel TLS attack
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=270881316664396326c461ec7a124aec2c6cc081
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=35a65e814beb899fa1c69a7673a8956c6059dce7
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=a33e6702a0db1b9f4648d247b8b28a5c0e42ca13
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=2928cb4c82d6516d9e65ede4901a5957d8c39c32
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=b3a959a337b8083bc855623f24cebaf43a477350
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=be88529753897c29c677d1becb321f0072c0659c
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=99f5093347c65eecbd05f0668aea94b32fcf20d7
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=24b28060975c01b749391778d13ec2ea1323a1aa
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=924b11742296c13816a9f301e76fea023003920c
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=c23a7458209e773ffcd42bdcfa5cf2564df86bd7
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1909df070fb5c5b87246a2de19c17588deba5818
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=33ccde59a1ece0f68cc4b64e930001ab230725b1
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=5f9345a2f0b592457fc4a619ac98ea59ffd394ba
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=40e0de03955e218f45a7979cb46fba193f4e7fc2
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1213e6c3c2d7abeeb886d911a3c6c06c5da2e3a4
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=ca3b81c8580a609edac1f13a3f62d4348d66c3a8
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6351adecb4726476def5f5ad904a7d2e63480d53
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=fb092ef4fca897344daf7189526f5f26be6487ce
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=59b1129e0a50fdf7e4e58d7c355783a7bfc1f44c
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=4ea7019165db53b92b4284461c5c88bfe7c6e57d
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=76c61a5d1adb92388f39e585e4af860a20feb9bb
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=ff58eaa4b645a38f3a226cf566d969fffa64ef94
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=5864fd2061f43dc8f89b5755f19bd2a35dec636c
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=fbe621d08f2026926c91c1c5f386b27605e39a43
    - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=a8655eb21a7f9a313db18daa6ccaed928fb6027c
    - CVE-2013-0169

ubuntu/oneiric-updates 2013-02-21 13:33:18 UTC 2013-02-21
Import patches-unapplied version 1.0.0e-2ubuntu4.7 to ubuntu/oneiric-security

Author: Marc Deslauriers
Author Date: 2013-02-18 19:55:40 UTC

Import patches-unapplied version 1.0.0e-2ubuntu4.7 to ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: 6c9ee61a5f1e66e3bc866ffae7ceb42279e639fb

New changelog entries:
  * SECURITY UPDATE: denial of service via invalid OCSP key
    - debian/patches/CVE-2013-0166.patch: properly handle NULL key in
      crypto/asn1/a_verify.c, crypto/ocsp/ocsp_vfy.c.
    - CVE-2013-0166
  * SECURITY UPDATE: "Lucky Thirteen" timing side-channel TLS attack
    - debian/patches/CVE-2013-0169.patch: massive code changes
    - CVE-2013-0169

ubuntu/oneiric-security 2013-02-21 13:33:18 UTC 2013-02-21
Import patches-unapplied version 1.0.0e-2ubuntu4.7 to ubuntu/oneiric-security

Author: Marc Deslauriers
Author Date: 2013-02-18 19:55:40 UTC

Import patches-unapplied version 1.0.0e-2ubuntu4.7 to ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: 6c9ee61a5f1e66e3bc866ffae7ceb42279e639fb

New changelog entries:
  * SECURITY UPDATE: denial of service via invalid OCSP key
    - debian/patches/CVE-2013-0166.patch: properly handle NULL key in
      crypto/asn1/a_verify.c, crypto/ocsp/ocsp_vfy.c.
    - CVE-2013-0166
  * SECURITY UPDATE: "Lucky Thirteen" timing side-channel TLS attack
    - debian/patches/CVE-2013-0169.patch: massive code changes
    - CVE-2013-0169

ubuntu/quantal 2012-10-07 02:03:12 UTC 2012-10-07
Import patches-unapplied version 1.0.1c-3ubuntu2 to ubuntu/quantal

Author: Tyler Hicks
Author Date: 2012-10-04 17:34:57 UTC

Import patches-unapplied version 1.0.1c-3ubuntu2 to ubuntu/quantal

Imported using git-ubuntu import.

Changelog parent: 2f84dee8ff1bdc3c9ddfad42fed4ee06f20da7b5

New changelog entries:
  [ Tyler Hicks <tyhicks@canonical.com> ]
  * debian/patches/tls12_workarounds.patch: Readd the change to check
    TLS1_get_client_version rather than TLS1_get_version to fix incorrect
    client hello cipher list truncation when TLS 1.1 and lower is in use.
    (LP: #1051892)
  [ Micah Gersten <micahg@ubuntu.com> ]
  * Mark Debian Vcs-* as XS-Debian-Vcs-*
    - update debian/control

applied/ubuntu/quantal 2012-10-07 02:03:12 UTC 2012-10-07
Import patches-applied version 1.0.1c-3ubuntu2 to applied/ubuntu/quantal

Author: Tyler Hicks
Author Date: 2012-10-04 17:34:57 UTC

Import patches-applied version 1.0.1c-3ubuntu2 to applied/ubuntu/quantal

Imported using git-ubuntu import.

Changelog parent: 92e8b2858c261c388f4222a0b556e049c295d59a
Unapplied parent: 4dd7ea40d5f1a964434fe0c5f2171fe83418edb6

New changelog entries:
  [ Tyler Hicks <tyhicks@canonical.com> ]
  * debian/patches/tls12_workarounds.patch: Readd the change to check
    TLS1_get_client_version rather than TLS1_get_version to fix incorrect
    client hello cipher list truncation when TLS 1.1 and lower is in use.
    (LP: #1051892)
  [ Micah Gersten <micahg@ubuntu.com> ]
  * Mark Debian Vcs-* as XS-Debian-Vcs-*
    - update debian/control

ubuntu/natty-updates 2012-05-24 19:06:06 UTC 2012-05-24
Import patches-unapplied version 0.9.8o-5ubuntu1.7 to ubuntu/natty-security

Author: Steve Beattie
Author Date: 2012-05-22 22:25:06 UTC

Import patches-unapplied version 0.9.8o-5ubuntu1.7 to ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: a6a4ea585b2eb526be0341c0b3e2143343387bb4

New changelog entries:
  * SECURITY UPDATE: denial of service attack in DTLS implementation
    - debian/patches/CVE_2012-2333.patch: guard for integer overflow
      before skipping explicit IV
    - CVE-2012-2333
  * SECURITY UPDATE: million message attack (MMA) in CMS and PKCS #7
    - debian/patches/CVE-2012-0884.patch: use a random key if RSA
      decryption fails to avoid leaking timing information
    - CVE-2012-0884
  * debian/patches/CVE-2012-0884-extra.patch: detect symmetric crypto
    errors in PKCS7_decrypt and initialize tkeylen properly when
    encrypting CMS messages.

applied/ubuntu/natty-devel 2012-05-24 19:06:06 UTC 2012-05-24
Import patches-applied version 0.9.8o-5ubuntu1.7 to applied/ubuntu/natty-secu...

Author: Steve Beattie
Author Date: 2012-05-22 22:25:06 UTC

Import patches-applied version 0.9.8o-5ubuntu1.7 to applied/ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: a93ed605fb1d8ca39d478a27b0d3a45cb98eb8b0
Unapplied parent: df195b28d14f31d3c94663e8a468f17163def238

New changelog entries:
  * SECURITY UPDATE: denial of service attack in DTLS implementation
    - debian/patches/CVE_2012-2333.patch: guard for integer overflow
      before skipping explicit IV
    - CVE-2012-2333
  * SECURITY UPDATE: million message attack (MMA) in CMS and PKCS #7
    - debian/patches/CVE-2012-0884.patch: use a random key if RSA
      decryption fails to avoid leaking timing information
    - CVE-2012-0884
  * debian/patches/CVE-2012-0884-extra.patch: detect symmetric crypto
    errors in PKCS7_decrypt and initialize tkeylen properly when
    encrypting CMS messages.

ubuntu/natty-devel 2012-05-24 19:06:06 UTC 2012-05-24
Import patches-unapplied version 0.9.8o-5ubuntu1.7 to ubuntu/natty-security

Author: Steve Beattie
Author Date: 2012-05-22 22:25:06 UTC

Import patches-unapplied version 0.9.8o-5ubuntu1.7 to ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: a6a4ea585b2eb526be0341c0b3e2143343387bb4

New changelog entries:
  * SECURITY UPDATE: denial of service attack in DTLS implementation
    - debian/patches/CVE_2012-2333.patch: guard for integer overflow
      before skipping explicit IV
    - CVE-2012-2333
  * SECURITY UPDATE: million message attack (MMA) in CMS and PKCS #7
    - debian/patches/CVE-2012-0884.patch: use a random key if RSA
      decryption fails to avoid leaking timing information
    - CVE-2012-0884
  * debian/patches/CVE-2012-0884-extra.patch: detect symmetric crypto
    errors in PKCS7_decrypt and initialize tkeylen properly when
    encrypting CMS messages.

applied/ubuntu/natty-updates 2012-05-24 19:06:06 UTC 2012-05-24
Import patches-applied version 0.9.8o-5ubuntu1.7 to applied/ubuntu/natty-secu...

Author: Steve Beattie
Author Date: 2012-05-22 22:25:06 UTC

Import patches-applied version 0.9.8o-5ubuntu1.7 to applied/ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: a93ed605fb1d8ca39d478a27b0d3a45cb98eb8b0
Unapplied parent: df195b28d14f31d3c94663e8a468f17163def238

New changelog entries:
  * SECURITY UPDATE: denial of service attack in DTLS implementation
    - debian/patches/CVE_2012-2333.patch: guard for integer overflow
      before skipping explicit IV
    - CVE-2012-2333
  * SECURITY UPDATE: million message attack (MMA) in CMS and PKCS #7
    - debian/patches/CVE-2012-0884.patch: use a random key if RSA
      decryption fails to avoid leaking timing information
    - CVE-2012-0884
  * debian/patches/CVE-2012-0884-extra.patch: detect symmetric crypto
    errors in PKCS7_decrypt and initialize tkeylen properly when
    encrypting CMS messages.

applied/ubuntu/natty-security 2012-05-24 19:06:06 UTC 2012-05-24
Import patches-applied version 0.9.8o-5ubuntu1.7 to applied/ubuntu/natty-secu...

Author: Steve Beattie
Author Date: 2012-05-22 22:25:06 UTC

Import patches-applied version 0.9.8o-5ubuntu1.7 to applied/ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: a93ed605fb1d8ca39d478a27b0d3a45cb98eb8b0
Unapplied parent: df195b28d14f31d3c94663e8a468f17163def238

New changelog entries:
  * SECURITY UPDATE: denial of service attack in DTLS implementation
    - debian/patches/CVE_2012-2333.patch: guard for integer overflow
      before skipping explicit IV
    - CVE-2012-2333
  * SECURITY UPDATE: million message attack (MMA) in CMS and PKCS #7
    - debian/patches/CVE-2012-0884.patch: use a random key if RSA
      decryption fails to avoid leaking timing information
    - CVE-2012-0884
  * debian/patches/CVE-2012-0884-extra.patch: detect symmetric crypto
    errors in PKCS7_decrypt and initialize tkeylen properly when
    encrypting CMS messages.

ubuntu/natty-security 2012-05-24 19:06:06 UTC 2012-05-24
Import patches-unapplied version 0.9.8o-5ubuntu1.7 to ubuntu/natty-security

Author: Steve Beattie
Author Date: 2012-05-22 22:25:06 UTC

Import patches-unapplied version 0.9.8o-5ubuntu1.7 to ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: a6a4ea585b2eb526be0341c0b3e2143343387bb4

New changelog entries:
  * SECURITY UPDATE: denial of service attack in DTLS implementation
    - debian/patches/CVE_2012-2333.patch: guard for integer overflow
      before skipping explicit IV
    - CVE-2012-2333
  * SECURITY UPDATE: million message attack (MMA) in CMS and PKCS #7
    - debian/patches/CVE-2012-0884.patch: use a random key if RSA
      decryption fails to avoid leaking timing information
    - CVE-2012-0884
  * debian/patches/CVE-2012-0884-extra.patch: detect symmetric crypto
    errors in PKCS7_decrypt and initialize tkeylen properly when
    encrypting CMS messages.

applied/ubuntu/precise 2012-04-19 21:03:58 UTC 2012-04-19
Import patches-applied version 1.0.1-4ubuntu3 to applied/ubuntu/precise

Author: Jamie Strandboge
Author Date: 2012-04-19 15:31:06 UTC

Import patches-applied version 1.0.1-4ubuntu3 to applied/ubuntu/precise

Imported using git-ubuntu import.

Changelog parent: 119873f219573376bb126d4ee30eefda8bb4fd4c
Unapplied parent: 63d54bfbe26c19366f50881499b56096bf23cc44

New changelog entries:
  * SECURITY UPDATE: fix various overflows
    - debian/patches/CVE-2012-2110.patch: adjust crypto/a_d2i_fp.c,
      crypto/buffer.c and crypto/mem.c to verify size of lengths
    - CVE-2012-2110

ubuntu/precise 2012-04-19 21:03:58 UTC 2012-04-19
Import patches-unapplied version 1.0.1-4ubuntu3 to ubuntu/precise

Author: Jamie Strandboge
Author Date: 2012-04-19 15:31:06 UTC

Import patches-unapplied version 1.0.1-4ubuntu3 to ubuntu/precise

Imported using git-ubuntu import.

Changelog parent: d92b3d1a66871f535a11abd7249d0dbf924a03b1

New changelog entries:
  * SECURITY UPDATE: fix various overflows
    - debian/patches/CVE-2012-2110.patch: adjust crypto/a_d2i_fp.c,
      crypto/buffer.c and crypto/mem.c to verify size of lengths
    - CVE-2012-2110

debian/lenny 2012-03-10 15:16:39 UTC 2012-03-10
Import patches-unapplied version 0.9.8g-15+lenny16 to debian/lenny

Author: Kurt Roeckx
Author Date: 2012-01-18 20:38:40 UTC

Import patches-unapplied version 0.9.8g-15+lenny16 to debian/lenny

Imported using git-ubuntu import.

Changelog parent: a4da6903319d0954179382841642bf90fe0398df

New changelog entries:
  * Fix CVE-2012-0050.
  * Fix CVE-2011-4354 (Closes: #650621)
  * Fix CVE-2011-4108, CVE-2011-4109, CVE-2011-4576, CVE-2011-4619
    and CVE-2011-4577
  * Send alert instead of assertion failure for incorrectly formatted DTLS
    fragments. (Closes: #645805)
  * Non-maintainer upload by the Security Team.
  * Block Malaysian's Digicert Sdn. Bhd. certificates by marking them
    as revoked.

applied/debian/lenny 2012-03-10 15:16:39 UTC 2012-03-10
Import patches-applied version 0.9.8g-15+lenny16 to applied/debian/lenny

Author: Kurt Roeckx
Author Date: 2012-01-18 20:38:40 UTC

Import patches-applied version 0.9.8g-15+lenny16 to applied/debian/lenny

Imported using git-ubuntu import.

Changelog parent: 1a41b593232a1fccddb63b7876c4731fc940901d
Unapplied parent: 41878a9368d4ca1cec76dfb253e7fcc55502dcfc

New changelog entries:
  * Fix CVE-2012-0050.
  * Fix CVE-2011-4354 (Closes: #650621)
  * Fix CVE-2011-4108, CVE-2011-4109, CVE-2011-4576, CVE-2011-4619
    and CVE-2011-4577
  * Send alert instead of assertion failure for incorrectly formatted DTLS
    fragments. (Closes: #645805)
  * Non-maintainer upload by the Security Team.
  * Block Malaysian's Digicert Sdn. Bhd. certificates by marking them
    as revoked.

applied/ubuntu/maverick-updates 2012-02-09 21:39:03 UTC 2012-02-09
Import patches-applied version 0.9.8o-1ubuntu4.6 to applied/ubuntu/maverick-s...

Author: Steve Beattie
Author Date: 2012-01-31 09:37:33 UTC

Import patches-applied version 0.9.8o-1ubuntu4.6 to applied/ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: 44937e3dd6c99b82be10ffcd22c077795bc2b84c
Unapplied parent: 6969796e75b13aa3ca868f1abcbbfdb0b2abc0b8

New changelog entries:
  * SECURITY UPDATE: ECDSA private key timing attack
    - debian/patches/CVE-2011-1945.patch: compute with fixed scalar
      length
    - CVE-2011-1945
  * SECURITY UPDATE: ECDH ciphersuite denial of service
    - debian/patches/CVE-2011-3210.patch: fix memory usage for thread
      safety
    - CVE-2011-3210
  * SECURITY UPDATE: DTLS plaintext recovery attack
    - debian/patches/CVE-2011-4108.patch: perform all computations
      before discarding messages
    - CVE-2011-4108
  * SECURITY UPDATE: policy check double free vulnerability
    - debian/patches/CVE-2011-4019.patch: only free domain policyin
      one location
    - CVE-2011-4019
  * SECURITY UPDATE: SSL 3.0 block padding exposure
    - debian/patches/CVE-2011-4576.patch: clear bytes used for block
      padding of SSL 3.0 records.
    - CVE-2011-4576
  * SECURITY UPDATE: malformed RFC 3779 data denial of service attack
    - debian/patches/CVE-2011-4577.patch: prevent malformed RFC3779
      data from triggering an assertion failure
    - CVE-2011-4577
  * SECURITY UPDATE: Server Gated Cryptography (SGC) denial of service
    - debian/patches/CVE-2011-4619.patch: Only allow one SGC handshake
      restart for SSL/TLS.
    - CVE-2011-4619
  * SECURITY UPDATE: fix for CVE-2011-4108 denial of service attack
    - debian/patches/CVE-2012-0050.patch: improve handling of DTLS MAC
    - CVE-2012-0050
  * debian/patches/openssl-fix_ECDSA_tests.patch: fix ECDSA tests
  * debian/libssl0.9.8.postinst: Only issue the reboot notification for
    servers by testing that the X server is not running (LP: #244250)

applied/ubuntu/maverick-security 2012-02-09 21:39:03 UTC 2012-02-09
Import patches-applied version 0.9.8o-1ubuntu4.6 to applied/ubuntu/maverick-s...

Author: Steve Beattie
Author Date: 2012-01-31 09:37:33 UTC

Import patches-applied version 0.9.8o-1ubuntu4.6 to applied/ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: 44937e3dd6c99b82be10ffcd22c077795bc2b84c
Unapplied parent: 6969796e75b13aa3ca868f1abcbbfdb0b2abc0b8

New changelog entries:
  * SECURITY UPDATE: ECDSA private key timing attack
    - debian/patches/CVE-2011-1945.patch: compute with fixed scalar
      length
    - CVE-2011-1945
  * SECURITY UPDATE: ECDH ciphersuite denial of service
    - debian/patches/CVE-2011-3210.patch: fix memory usage for thread
      safety
    - CVE-2011-3210
  * SECURITY UPDATE: DTLS plaintext recovery attack
    - debian/patches/CVE-2011-4108.patch: perform all computations
      before discarding messages
    - CVE-2011-4108
  * SECURITY UPDATE: policy check double free vulnerability
    - debian/patches/CVE-2011-4019.patch: only free domain policyin
      one location
    - CVE-2011-4019
  * SECURITY UPDATE: SSL 3.0 block padding exposure
    - debian/patches/CVE-2011-4576.patch: clear bytes used for block
      padding of SSL 3.0 records.
    - CVE-2011-4576
  * SECURITY UPDATE: malformed RFC 3779 data denial of service attack
    - debian/patches/CVE-2011-4577.patch: prevent malformed RFC3779
      data from triggering an assertion failure
    - CVE-2011-4577
  * SECURITY UPDATE: Server Gated Cryptography (SGC) denial of service
    - debian/patches/CVE-2011-4619.patch: Only allow one SGC handshake
      restart for SSL/TLS.
    - CVE-2011-4619
  * SECURITY UPDATE: fix for CVE-2011-4108 denial of service attack
    - debian/patches/CVE-2012-0050.patch: improve handling of DTLS MAC
    - CVE-2012-0050
  * debian/patches/openssl-fix_ECDSA_tests.patch: fix ECDSA tests
  * debian/libssl0.9.8.postinst: Only issue the reboot notification for
    servers by testing that the X server is not running (LP: #244250)

applied/ubuntu/maverick-devel 2012-02-09 21:39:03 UTC 2012-02-09
Import patches-applied version 0.9.8o-1ubuntu4.6 to applied/ubuntu/maverick-s...

Author: Steve Beattie
Author Date: 2012-01-31 09:37:33 UTC

Import patches-applied version 0.9.8o-1ubuntu4.6 to applied/ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: 44937e3dd6c99b82be10ffcd22c077795bc2b84c
Unapplied parent: 6969796e75b13aa3ca868f1abcbbfdb0b2abc0b8

New changelog entries:
  * SECURITY UPDATE: ECDSA private key timing attack
    - debian/patches/CVE-2011-1945.patch: compute with fixed scalar
      length
    - CVE-2011-1945
  * SECURITY UPDATE: ECDH ciphersuite denial of service
    - debian/patches/CVE-2011-3210.patch: fix memory usage for thread
      safety
    - CVE-2011-3210
  * SECURITY UPDATE: DTLS plaintext recovery attack
    - debian/patches/CVE-2011-4108.patch: perform all computations
      before discarding messages
    - CVE-2011-4108
  * SECURITY UPDATE: policy check double free vulnerability
    - debian/patches/CVE-2011-4019.patch: only free domain policyin
      one location
    - CVE-2011-4019
  * SECURITY UPDATE: SSL 3.0 block padding exposure
    - debian/patches/CVE-2011-4576.patch: clear bytes used for block
      padding of SSL 3.0 records.
    - CVE-2011-4576
  * SECURITY UPDATE: malformed RFC 3779 data denial of service attack
    - debian/patches/CVE-2011-4577.patch: prevent malformed RFC3779
      data from triggering an assertion failure
    - CVE-2011-4577
  * SECURITY UPDATE: Server Gated Cryptography (SGC) denial of service
    - debian/patches/CVE-2011-4619.patch: Only allow one SGC handshake
      restart for SSL/TLS.
    - CVE-2011-4619
  * SECURITY UPDATE: fix for CVE-2011-4108 denial of service attack
    - debian/patches/CVE-2012-0050.patch: improve handling of DTLS MAC
    - CVE-2012-0050
  * debian/patches/openssl-fix_ECDSA_tests.patch: fix ECDSA tests
  * debian/libssl0.9.8.postinst: Only issue the reboot notification for
    servers by testing that the X server is not running (LP: #244250)

ubuntu/maverick-devel 2012-02-09 21:39:03 UTC 2012-02-09
Import patches-unapplied version 0.9.8o-1ubuntu4.6 to ubuntu/maverick-security

Author: Steve Beattie
Author Date: 2012-01-31 09:37:33 UTC

Import patches-unapplied version 0.9.8o-1ubuntu4.6 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: 6982a41627d3ca3ab47c6b46fcd713cc2c44405a

New changelog entries:
  * SECURITY UPDATE: ECDSA private key timing attack
    - debian/patches/CVE-2011-1945.patch: compute with fixed scalar
      length
    - CVE-2011-1945
  * SECURITY UPDATE: ECDH ciphersuite denial of service
    - debian/patches/CVE-2011-3210.patch: fix memory usage for thread
      safety
    - CVE-2011-3210
  * SECURITY UPDATE: DTLS plaintext recovery attack
    - debian/patches/CVE-2011-4108.patch: perform all computations
      before discarding messages
    - CVE-2011-4108
  * SECURITY UPDATE: policy check double free vulnerability
    - debian/patches/CVE-2011-4019.patch: only free domain policyin
      one location
    - CVE-2011-4019
  * SECURITY UPDATE: SSL 3.0 block padding exposure
    - debian/patches/CVE-2011-4576.patch: clear bytes used for block
      padding of SSL 3.0 records.
    - CVE-2011-4576
  * SECURITY UPDATE: malformed RFC 3779 data denial of service attack
    - debian/patches/CVE-2011-4577.patch: prevent malformed RFC3779
      data from triggering an assertion failure
    - CVE-2011-4577
  * SECURITY UPDATE: Server Gated Cryptography (SGC) denial of service
    - debian/patches/CVE-2011-4619.patch: Only allow one SGC handshake
      restart for SSL/TLS.
    - CVE-2011-4619
  * SECURITY UPDATE: fix for CVE-2011-4108 denial of service attack
    - debian/patches/CVE-2012-0050.patch: improve handling of DTLS MAC
    - CVE-2012-0050
  * debian/patches/openssl-fix_ECDSA_tests.patch: fix ECDSA tests
  * debian/libssl0.9.8.postinst: Only issue the reboot notification for
    servers by testing that the X server is not running (LP: #244250)

ubuntu/maverick-security 2012-02-09 21:39:03 UTC 2012-02-09
Import patches-unapplied version 0.9.8o-1ubuntu4.6 to ubuntu/maverick-security

Author: Steve Beattie
Author Date: 2012-01-31 09:37:33 UTC

Import patches-unapplied version 0.9.8o-1ubuntu4.6 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: 6982a41627d3ca3ab47c6b46fcd713cc2c44405a

New changelog entries:
  * SECURITY UPDATE: ECDSA private key timing attack
    - debian/patches/CVE-2011-1945.patch: compute with fixed scalar
      length
    - CVE-2011-1945
  * SECURITY UPDATE: ECDH ciphersuite denial of service
    - debian/patches/CVE-2011-3210.patch: fix memory usage for thread
      safety
    - CVE-2011-3210
  * SECURITY UPDATE: DTLS plaintext recovery attack
    - debian/patches/CVE-2011-4108.patch: perform all computations
      before discarding messages
    - CVE-2011-4108
  * SECURITY UPDATE: policy check double free vulnerability
    - debian/patches/CVE-2011-4019.patch: only free domain policyin
      one location
    - CVE-2011-4019
  * SECURITY UPDATE: SSL 3.0 block padding exposure
    - debian/patches/CVE-2011-4576.patch: clear bytes used for block
      padding of SSL 3.0 records.
    - CVE-2011-4576
  * SECURITY UPDATE: malformed RFC 3779 data denial of service attack
    - debian/patches/CVE-2011-4577.patch: prevent malformed RFC3779
      data from triggering an assertion failure
    - CVE-2011-4577
  * SECURITY UPDATE: Server Gated Cryptography (SGC) denial of service
    - debian/patches/CVE-2011-4619.patch: Only allow one SGC handshake
      restart for SSL/TLS.
    - CVE-2011-4619
  * SECURITY UPDATE: fix for CVE-2011-4108 denial of service attack
    - debian/patches/CVE-2012-0050.patch: improve handling of DTLS MAC
    - CVE-2012-0050
  * debian/patches/openssl-fix_ECDSA_tests.patch: fix ECDSA tests
  * debian/libssl0.9.8.postinst: Only issue the reboot notification for
    servers by testing that the X server is not running (LP: #244250)

ubuntu/maverick-updates 2012-02-09 21:39:03 UTC 2012-02-09
Import patches-unapplied version 0.9.8o-1ubuntu4.6 to ubuntu/maverick-security

Author: Steve Beattie
Author Date: 2012-01-31 09:37:33 UTC

Import patches-unapplied version 0.9.8o-1ubuntu4.6 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: 6982a41627d3ca3ab47c6b46fcd713cc2c44405a

New changelog entries:
  * SECURITY UPDATE: ECDSA private key timing attack
    - debian/patches/CVE-2011-1945.patch: compute with fixed scalar
      length
    - CVE-2011-1945
  * SECURITY UPDATE: ECDH ciphersuite denial of service
    - debian/patches/CVE-2011-3210.patch: fix memory usage for thread
      safety
    - CVE-2011-3210
  * SECURITY UPDATE: DTLS plaintext recovery attack
    - debian/patches/CVE-2011-4108.patch: perform all computations
      before discarding messages
    - CVE-2011-4108
  * SECURITY UPDATE: policy check double free vulnerability
    - debian/patches/CVE-2011-4019.patch: only free domain policyin
      one location
    - CVE-2011-4019
  * SECURITY UPDATE: SSL 3.0 block padding exposure
    - debian/patches/CVE-2011-4576.patch: clear bytes used for block
      padding of SSL 3.0 records.
    - CVE-2011-4576
  * SECURITY UPDATE: malformed RFC 3779 data denial of service attack
    - debian/patches/CVE-2011-4577.patch: prevent malformed RFC3779
      data from triggering an assertion failure
    - CVE-2011-4577
  * SECURITY UPDATE: Server Gated Cryptography (SGC) denial of service
    - debian/patches/CVE-2011-4619.patch: Only allow one SGC handshake
      restart for SSL/TLS.
    - CVE-2011-4619
  * SECURITY UPDATE: fix for CVE-2011-4108 denial of service attack
    - debian/patches/CVE-2012-0050.patch: improve handling of DTLS MAC
    - CVE-2012-0050
  * debian/patches/openssl-fix_ECDSA_tests.patch: fix ECDSA tests
  * debian/libssl0.9.8.postinst: Only issue the reboot notification for
    servers by testing that the X server is not running (LP: #244250)

ubuntu/oneiric 2011-10-05 02:04:49 UTC 2011-10-05
Import patches-unapplied version 1.0.0e-2ubuntu4 to ubuntu/oneiric

Author: Marc Deslauriers
Author Date: 2011-10-04 13:31:22 UTC

Import patches-unapplied version 1.0.0e-2ubuntu4 to ubuntu/oneiric

Imported using git-ubuntu import.

Changelog parent: a79ab0f819ac70b12dd0d8afcff0630c8ca45257

New changelog entries:
  * The previous change moved the notification to major upgrades only, but
    in fact, we do want the sysadmin to be notified when security updates
    are installed, without having services automatically restarted.
    (LP: #244250)

applied/ubuntu/oneiric 2011-10-05 02:04:49 UTC 2011-10-05
Import patches-applied version 1.0.0e-2ubuntu4 to applied/ubuntu/oneiric

Author: Marc Deslauriers
Author Date: 2011-10-04 13:31:22 UTC

Import patches-applied version 1.0.0e-2ubuntu4 to applied/ubuntu/oneiric

Imported using git-ubuntu import.

Changelog parent: 2e26c6709cb595e6ecf9d17eeae00e5fe6713a5a
Unapplied parent: 0814e2afe12ca355044dce4a195ab395cc7e1483

New changelog entries:
  * The previous change moved the notification to major upgrades only, but
    in fact, we do want the sysadmin to be notified when security updates
    are installed, without having services automatically restarted.
    (LP: #244250)

ubuntu/natty 2011-02-23 01:04:49 UTC 2011-02-23
Import patches-unapplied version 0.9.8o-5ubuntu1 to ubuntu/natty

Author: Artur Rona
Author Date: 2011-02-13 15:10:24 UTC

Import patches-unapplied version 0.9.8o-5ubuntu1 to ubuntu/natty

Imported using git-ubuntu import.

Changelog parent: 4e7e7fb1a7092197b6f3cd6e6cfeba04f92e1cdc

New changelog entries:
  * Merge from debian unstable. Remaining changes: (LP: #718205)
    - d/libssl0.9.8.postinst:
      + Display a system restart required notification bubble
        on libssl0.9.8 upgrade.
      + Use a different priority for libssl0.9.8/restart-services
        depending on whether a desktop, or server dist-upgrade
        is being performed.
    - d/{libssl0.9.8-udeb.dirs, control, rules}: Create
      libssl0.9.8-udeb, for the benefit of wget-udeb (no wget-udeb
      package in Debian).
    - d/{libcrypto0.9.8-udeb.dirs, libssl0.9.8.dirs, libssl0.9.8.files,
      rules}: Move runtime libraries to /lib, for the benefit of wpasupplicant.
    - d/{control, openssl-doc.docs, openssl.docs, openssl.dirs}:
      + Ship documentation in openssl-doc, suggested by the package.
       (Closes: #470594)
    - d/p/aesni.patch: Backport Intel AES-NI support from
      http://rt.openssl.org/Ticket/Display.html?id=2067 (refreshed)
    - d/p/Bsymbolic-functions.patch: Link using -Bsymbolic-functions.
    - d/p/perlpath-quilt.patch: Don't change perl #! paths under .pc.
    - d/p/no-sslv2.patch: Disable SSLv2 to match NSS and GnuTLS.
      The protocol is unsafe and extremely deprecated. (Closes: #589706)
    - d/rules:
      + Disable SSLv2 during compile. (Closes: #589706)
      + Don't run 'make test' when cross-building.
      + Use host compiler when cross-building. Patch from Neil Williams.
        (Closes: #465248)
      + Don't build for processors no longer supported: i486, i586
        (on i386), v8 (on sparc).
      + Fix Makefile to properly clean up libs/ dirs in clean target.
        (Closes: #611667)
      + Replace duplicate files in the doc directory with symlinks.
  * This upload fixed CVE: (LP: #718208)
    - CVE-2011-0014

applied/ubuntu/natty 2011-02-23 01:04:49 UTC 2011-02-23
Import patches-applied version 0.9.8o-5ubuntu1 to applied/ubuntu/natty

Author: Artur Rona
Author Date: 2011-02-13 15:10:24 UTC

Import patches-applied version 0.9.8o-5ubuntu1 to applied/ubuntu/natty

Imported using git-ubuntu import.

Changelog parent: a618d1d8f55d6a06729e1da43760aa074b674aed
Unapplied parent: 1ef30be1a59a2ffb6d90f032d9c0985dc64af26d

New changelog entries:
  * Merge from debian unstable. Remaining changes: (LP: #718205)
    - d/libssl0.9.8.postinst:
      + Display a system restart required notification bubble
        on libssl0.9.8 upgrade.
      + Use a different priority for libssl0.9.8/restart-services
        depending on whether a desktop, or server dist-upgrade
        is being performed.
    - d/{libssl0.9.8-udeb.dirs, control, rules}: Create
      libssl0.9.8-udeb, for the benefit of wget-udeb (no wget-udeb
      package in Debian).
    - d/{libcrypto0.9.8-udeb.dirs, libssl0.9.8.dirs, libssl0.9.8.files,
      rules}: Move runtime libraries to /lib, for the benefit of wpasupplicant.
    - d/{control, openssl-doc.docs, openssl.docs, openssl.dirs}:
      + Ship documentation in openssl-doc, suggested by the package.
       (Closes: #470594)
    - d/p/aesni.patch: Backport Intel AES-NI support from
      http://rt.openssl.org/Ticket/Display.html?id=2067 (refreshed)
    - d/p/Bsymbolic-functions.patch: Link using -Bsymbolic-functions.
    - d/p/perlpath-quilt.patch: Don't change perl #! paths under .pc.
    - d/p/no-sslv2.patch: Disable SSLv2 to match NSS and GnuTLS.
      The protocol is unsafe and extremely deprecated. (Closes: #589706)
    - d/rules:
      + Disable SSLv2 during compile. (Closes: #589706)
      + Don't run 'make test' when cross-building.
      + Use host compiler when cross-building. Patch from Neil Williams.
        (Closes: #465248)
      + Don't build for processors no longer supported: i486, i586
        (on i386), v8 (on sparc).
      + Fix Makefile to properly clean up libs/ dirs in clean target.
        (Closes: #611667)
      + Replace duplicate files in the doc directory with symlinks.
  * This upload fixed CVE: (LP: #718208)
    - CVE-2011-0014

applied/ubuntu/karmic-security 2010-12-08 00:06:10 UTC 2010-12-08
Import patches-applied version 0.9.8g-16ubuntu3.5 to applied/ubuntu/karmic-se...

Author: Steve Beattie
Author Date: 2010-12-03 20:40:41 UTC

Import patches-applied version 0.9.8g-16ubuntu3.5 to applied/ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 35c68f28bab8455f0ba58dff62316c97c5ffaa50
Unapplied parent: a7cca11c6dc9d8ea80371873453079af37f009c6

New changelog entries:
  * SECURITY UPDATE: ciphersuite downgrade vulnerability
    - ssl/s3_clnt.c, ssl/s3_srvr.c: disable workaround for Netscape
      cipher suite bug
    - http://openssl.org/news/secadv_20101202.txt
    - CVE-2010-4180

applied/ubuntu/dapper-devel 2010-12-08 00:06:10 UTC 2010-12-08
Import patches-applied version 0.9.8a-7ubuntu0.14 to applied/ubuntu/dapper-se...

Author: Steve Beattie
Author Date: 2010-12-03 21:15:15 UTC

Import patches-applied version 0.9.8a-7ubuntu0.14 to applied/ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: c67d9fe11e2d1645cdb0db3284d0ee393b41abd7
Unapplied parent: da350498fddd0822b6ad9624309d59cdbb82a77a

New changelog entries:
  * SECURITY UPDATE: ciphersuite downgrade vulnerability
    - ssl/s3_clnt.c, ssl/s3_srvr.c: disable workaround for Netscape
      cipher suite bug
    - http://openssl.org/news/secadv_20101202.txt
    - CVE-2010-4180

applied/ubuntu/dapper-security 2010-12-08 00:06:10 UTC 2010-12-08
Import patches-applied version 0.9.8a-7ubuntu0.14 to applied/ubuntu/dapper-se...

Author: Steve Beattie
Author Date: 2010-12-03 21:15:15 UTC

Import patches-applied version 0.9.8a-7ubuntu0.14 to applied/ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: c67d9fe11e2d1645cdb0db3284d0ee393b41abd7
Unapplied parent: da350498fddd0822b6ad9624309d59cdbb82a77a

New changelog entries:
  * SECURITY UPDATE: ciphersuite downgrade vulnerability
    - ssl/s3_clnt.c, ssl/s3_srvr.c: disable workaround for Netscape
      cipher suite bug
    - http://openssl.org/news/secadv_20101202.txt
    - CVE-2010-4180

applied/ubuntu/dapper-updates 2010-12-08 00:06:10 UTC 2010-12-08
Import patches-applied version 0.9.8a-7ubuntu0.14 to applied/ubuntu/dapper-se...

Author: Steve Beattie
Author Date: 2010-12-03 21:15:15 UTC

Import patches-applied version 0.9.8a-7ubuntu0.14 to applied/ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: c67d9fe11e2d1645cdb0db3284d0ee393b41abd7
Unapplied parent: da350498fddd0822b6ad9624309d59cdbb82a77a

New changelog entries:
  * SECURITY UPDATE: ciphersuite downgrade vulnerability
    - ssl/s3_clnt.c, ssl/s3_srvr.c: disable workaround for Netscape
      cipher suite bug
    - http://openssl.org/news/secadv_20101202.txt
    - CVE-2010-4180

ubuntu/karmic-devel 2010-12-08 00:06:10 UTC 2010-12-08
Import patches-unapplied version 0.9.8g-16ubuntu3.5 to ubuntu/karmic-security

Author: Steve Beattie
Author Date: 2010-12-03 20:40:41 UTC

Import patches-unapplied version 0.9.8g-16ubuntu3.5 to ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 89bf41a8b985003742de05bf1a027ac45cbde2aa

New changelog entries:
  * SECURITY UPDATE: ciphersuite downgrade vulnerability
    - ssl/s3_clnt.c, ssl/s3_srvr.c: disable workaround for Netscape
      cipher suite bug
    - http://openssl.org/news/secadv_20101202.txt
    - CVE-2010-4180

ubuntu/karmic-security 2010-12-08 00:06:10 UTC 2010-12-08
Import patches-unapplied version 0.9.8g-16ubuntu3.5 to ubuntu/karmic-security

Author: Steve Beattie
Author Date: 2010-12-03 20:40:41 UTC

Import patches-unapplied version 0.9.8g-16ubuntu3.5 to ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 89bf41a8b985003742de05bf1a027ac45cbde2aa

New changelog entries:
  * SECURITY UPDATE: ciphersuite downgrade vulnerability
    - ssl/s3_clnt.c, ssl/s3_srvr.c: disable workaround for Netscape
      cipher suite bug
    - http://openssl.org/news/secadv_20101202.txt
    - CVE-2010-4180

ubuntu/karmic-updates 2010-12-08 00:06:10 UTC 2010-12-08
Import patches-unapplied version 0.9.8g-16ubuntu3.5 to ubuntu/karmic-security

Author: Steve Beattie
Author Date: 2010-12-03 20:40:41 UTC

Import patches-unapplied version 0.9.8g-16ubuntu3.5 to ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 89bf41a8b985003742de05bf1a027ac45cbde2aa

New changelog entries:
  * SECURITY UPDATE: ciphersuite downgrade vulnerability
    - ssl/s3_clnt.c, ssl/s3_srvr.c: disable workaround for Netscape
      cipher suite bug
    - http://openssl.org/news/secadv_20101202.txt
    - CVE-2010-4180

applied/ubuntu/karmic-devel 2010-12-08 00:06:10 UTC 2010-12-08
Import patches-applied version 0.9.8g-16ubuntu3.5 to applied/ubuntu/karmic-se...

Author: Steve Beattie
Author Date: 2010-12-03 20:40:41 UTC

Import patches-applied version 0.9.8g-16ubuntu3.5 to applied/ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 35c68f28bab8455f0ba58dff62316c97c5ffaa50
Unapplied parent: a7cca11c6dc9d8ea80371873453079af37f009c6

New changelog entries:
  * SECURITY UPDATE: ciphersuite downgrade vulnerability
    - ssl/s3_clnt.c, ssl/s3_srvr.c: disable workaround for Netscape
      cipher suite bug
    - http://openssl.org/news/secadv_20101202.txt
    - CVE-2010-4180

ubuntu/dapper-devel 2010-12-08 00:06:10 UTC 2010-12-08
Import patches-unapplied version 0.9.8a-7ubuntu0.14 to ubuntu/dapper-security

Author: Steve Beattie
Author Date: 2010-12-03 21:15:15 UTC

Import patches-unapplied version 0.9.8a-7ubuntu0.14 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: 91cac03a5ea4d76c7379e3d7dc98beb7f020cf35

New changelog entries:
  * SECURITY UPDATE: ciphersuite downgrade vulnerability
    - ssl/s3_clnt.c, ssl/s3_srvr.c: disable workaround for Netscape
      cipher suite bug
    - http://openssl.org/news/secadv_20101202.txt
    - CVE-2010-4180

ubuntu/dapper-security 2010-12-08 00:06:10 UTC 2010-12-08
Import patches-unapplied version 0.9.8a-7ubuntu0.14 to ubuntu/dapper-security

Author: Steve Beattie
Author Date: 2010-12-03 21:15:15 UTC

Import patches-unapplied version 0.9.8a-7ubuntu0.14 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: 91cac03a5ea4d76c7379e3d7dc98beb7f020cf35

New changelog entries:
  * SECURITY UPDATE: ciphersuite downgrade vulnerability
    - ssl/s3_clnt.c, ssl/s3_srvr.c: disable workaround for Netscape
      cipher suite bug
    - http://openssl.org/news/secadv_20101202.txt
    - CVE-2010-4180

ubuntu/dapper-updates 2010-12-08 00:06:10 UTC 2010-12-08
Import patches-unapplied version 0.9.8a-7ubuntu0.14 to ubuntu/dapper-security

Author: Steve Beattie
Author Date: 2010-12-03 21:15:15 UTC

Import patches-unapplied version 0.9.8a-7ubuntu0.14 to ubuntu/dapper-security

Imported using git-ubuntu import.

Changelog parent: 91cac03a5ea4d76c7379e3d7dc98beb7f020cf35

New changelog entries:
  * SECURITY UPDATE: ciphersuite downgrade vulnerability
    - ssl/s3_clnt.c, ssl/s3_srvr.c: disable workaround for Netscape
      cipher suite bug
    - http://openssl.org/news/secadv_20101202.txt
    - CVE-2010-4180

applied/ubuntu/karmic-updates 2010-12-08 00:06:10 UTC 2010-12-08
Import patches-applied version 0.9.8g-16ubuntu3.5 to applied/ubuntu/karmic-se...

Author: Steve Beattie
Author Date: 2010-12-03 20:40:41 UTC

Import patches-applied version 0.9.8g-16ubuntu3.5 to applied/ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 35c68f28bab8455f0ba58dff62316c97c5ffaa50
Unapplied parent: a7cca11c6dc9d8ea80371873453079af37f009c6

New changelog entries:
  * SECURITY UPDATE: ciphersuite downgrade vulnerability
    - ssl/s3_clnt.c, ssl/s3_srvr.c: disable workaround for Netscape
      cipher suite bug
    - http://openssl.org/news/secadv_20101202.txt
    - CVE-2010-4180

ubuntu/jaunty-devel 2010-10-07 14:26:20 UTC 2010-10-07
Import patches-unapplied version 0.9.8g-15ubuntu3.6 to ubuntu/jaunty-security

Author: Marc Deslauriers
Author Date: 2010-10-06 21:50:37 UTC

Import patches-unapplied version 0.9.8g-15ubuntu3.6 to ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: 85cd9f682df355946096dd9a8023f8dee19eafb9

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    unchecked bn_wexpand return values. (LP: #655884)
    - crypto/bn/{bn_mul,bn_div,bn_gf2m}.c, crypto/ec/ec2_smpl.c,
      engines/e_ubsec.c: check return values.
    - http://cvs.openssl.org/chngview?cn=18936
    - http://cvs.openssl.org/chngview?cn=19309
    - CVE-2009-3245
  * SECURITY UPDATE: denial of service and possible code execution via
    crafted private key with an invalid prime.
    - ssl/s3_clnt.c: set bn_ctx to NULL after freeing it.
    - http://www.mail-archive.com/openssl-dev@openssl.org/msg28049.html
    - CVE-2010-2939

applied/ubuntu/jaunty-security 2010-10-07 14:26:20 UTC 2010-10-07
Import patches-applied version 0.9.8g-15ubuntu3.6 to applied/ubuntu/jaunty-se...

Author: Marc Deslauriers
Author Date: 2010-10-06 21:50:37 UTC

Import patches-applied version 0.9.8g-15ubuntu3.6 to applied/ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: 72f08957fbb34988c01e5b478e6188ae686e3724
Unapplied parent: 9fb4e76fdfda245de07dcfab63200011e2e2b067

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    unchecked bn_wexpand return values. (LP: #655884)
    - crypto/bn/{bn_mul,bn_div,bn_gf2m}.c, crypto/ec/ec2_smpl.c,
      engines/e_ubsec.c: check return values.
    - http://cvs.openssl.org/chngview?cn=18936
    - http://cvs.openssl.org/chngview?cn=19309
    - CVE-2009-3245
  * SECURITY UPDATE: denial of service and possible code execution via
    crafted private key with an invalid prime.
    - ssl/s3_clnt.c: set bn_ctx to NULL after freeing it.
    - http://www.mail-archive.com/openssl-dev@openssl.org/msg28049.html
    - CVE-2010-2939

applied/ubuntu/jaunty-devel 2010-10-07 14:26:20 UTC 2010-10-07
Import patches-applied version 0.9.8g-15ubuntu3.6 to applied/ubuntu/jaunty-se...

Author: Marc Deslauriers
Author Date: 2010-10-06 21:50:37 UTC

Import patches-applied version 0.9.8g-15ubuntu3.6 to applied/ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: 72f08957fbb34988c01e5b478e6188ae686e3724
Unapplied parent: 9fb4e76fdfda245de07dcfab63200011e2e2b067

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    unchecked bn_wexpand return values. (LP: #655884)
    - crypto/bn/{bn_mul,bn_div,bn_gf2m}.c, crypto/ec/ec2_smpl.c,
      engines/e_ubsec.c: check return values.
    - http://cvs.openssl.org/chngview?cn=18936
    - http://cvs.openssl.org/chngview?cn=19309
    - CVE-2009-3245
  * SECURITY UPDATE: denial of service and possible code execution via
    crafted private key with an invalid prime.
    - ssl/s3_clnt.c: set bn_ctx to NULL after freeing it.
    - http://www.mail-archive.com/openssl-dev@openssl.org/msg28049.html
    - CVE-2010-2939

ubuntu/jaunty-updates 2010-10-07 14:26:20 UTC 2010-10-07
Import patches-unapplied version 0.9.8g-15ubuntu3.6 to ubuntu/jaunty-security

Author: Marc Deslauriers
Author Date: 2010-10-06 21:50:37 UTC

Import patches-unapplied version 0.9.8g-15ubuntu3.6 to ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: 85cd9f682df355946096dd9a8023f8dee19eafb9

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    unchecked bn_wexpand return values. (LP: #655884)
    - crypto/bn/{bn_mul,bn_div,bn_gf2m}.c, crypto/ec/ec2_smpl.c,
      engines/e_ubsec.c: check return values.
    - http://cvs.openssl.org/chngview?cn=18936
    - http://cvs.openssl.org/chngview?cn=19309
    - CVE-2009-3245
  * SECURITY UPDATE: denial of service and possible code execution via
    crafted private key with an invalid prime.
    - ssl/s3_clnt.c: set bn_ctx to NULL after freeing it.
    - http://www.mail-archive.com/openssl-dev@openssl.org/msg28049.html
    - CVE-2010-2939

ubuntu/jaunty-security 2010-10-07 14:26:20 UTC 2010-10-07
Import patches-unapplied version 0.9.8g-15ubuntu3.6 to ubuntu/jaunty-security

Author: Marc Deslauriers
Author Date: 2010-10-06 21:50:37 UTC

Import patches-unapplied version 0.9.8g-15ubuntu3.6 to ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: 85cd9f682df355946096dd9a8023f8dee19eafb9

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    unchecked bn_wexpand return values. (LP: #655884)
    - crypto/bn/{bn_mul,bn_div,bn_gf2m}.c, crypto/ec/ec2_smpl.c,
      engines/e_ubsec.c: check return values.
    - http://cvs.openssl.org/chngview?cn=18936
    - http://cvs.openssl.org/chngview?cn=19309
    - CVE-2009-3245
  * SECURITY UPDATE: denial of service and possible code execution via
    crafted private key with an invalid prime.
    - ssl/s3_clnt.c: set bn_ctx to NULL after freeing it.
    - http://www.mail-archive.com/openssl-dev@openssl.org/msg28049.html
    - CVE-2010-2939

applied/ubuntu/jaunty-updates 2010-10-07 14:26:20 UTC 2010-10-07
Import patches-applied version 0.9.8g-15ubuntu3.6 to applied/ubuntu/jaunty-se...

Author: Marc Deslauriers
Author Date: 2010-10-06 21:50:37 UTC

Import patches-applied version 0.9.8g-15ubuntu3.6 to applied/ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: 72f08957fbb34988c01e5b478e6188ae686e3724
Unapplied parent: 9fb4e76fdfda245de07dcfab63200011e2e2b067

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    unchecked bn_wexpand return values. (LP: #655884)
    - crypto/bn/{bn_mul,bn_div,bn_gf2m}.c, crypto/ec/ec2_smpl.c,
      engines/e_ubsec.c: check return values.
    - http://cvs.openssl.org/chngview?cn=18936
    - http://cvs.openssl.org/chngview?cn=19309
    - CVE-2009-3245
  * SECURITY UPDATE: denial of service and possible code execution via
    crafted private key with an invalid prime.
    - ssl/s3_clnt.c: set bn_ctx to NULL after freeing it.
    - http://www.mail-archive.com/openssl-dev@openssl.org/msg28049.html
    - CVE-2010-2939

applied/ubuntu/maverick 2010-09-24 17:04:40 UTC 2010-09-24
Import patches-applied version 0.9.8o-1ubuntu4 to applied/ubuntu/maverick

Author: Colin Watson
Author Date: 2010-09-24 11:20:49 UTC

Import patches-applied version 0.9.8o-1ubuntu4 to applied/ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: 4f47c1a4220ef915af8881012927348ffbe8eea2
Unapplied parent: 1b2d6c7aa9d0cff0b9efbe01f082d74849169bbc

New changelog entries:
  * Update AES-NI patch to openssl-0.9.8-aesni-modes-perlasm-win32-v4.patch
    from http://rt.openssl.org/Ticket/Display.html?id=2067, fixing segfault
    on engine initialisation (LP: #590639).

ubuntu/maverick 2010-09-24 17:04:40 UTC 2010-09-24
Import patches-unapplied version 0.9.8o-1ubuntu4 to ubuntu/maverick

Author: Colin Watson
Author Date: 2010-09-24 11:20:49 UTC

Import patches-unapplied version 0.9.8o-1ubuntu4 to ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: 80b3e62fe80f4b86385865af2acced55dcf83c56

New changelog entries:
  * Update AES-NI patch to openssl-0.9.8-aesni-modes-perlasm-win32-v4.patch
    from http://rt.openssl.org/Ticket/Display.html?id=2067, fixing segfault
    on engine initialisation (LP: #590639).

applied/ubuntu/dapper-proposed 2010-08-18 21:05:45 UTC 2010-08-18
Import patches-applied version 0.9.8a-7ubuntu0.12 to applied/ubuntu/dapper-pr...

Author: Marc Deslauriers
Author Date: 2010-08-12 12:37:24 UTC

Import patches-applied version 0.9.8a-7ubuntu0.12 to applied/ubuntu/dapper-proposed

Imported using git-ubuntu import.

Changelog parent: a5670fd05cc59847b7d96bbccba56a1e7fe8b7aa
Unapplied parent: 8d599ee19e4bd84caf0b6288be5eae8ade71a55b

New changelog entries:
  * SECURITY UPDATE: TLS renegotiation flaw (LP: #616759)
    - apps/{s_client,s_server}.c, doc/ssl/SSL_CTX_set_options.pod,
      ssl/{d1_both,d1_clnt,d1_srvr,s23_clnt,s3_both,s3_clnt,s3_pkt,s3_srvr,
      ssl_err,ssl_lib,t1_lib,t1_reneg}.c, ssl/Makefile, ssl/{ssl3,ssl,
      ssl_locl,tls1}.h: add rfc5746 support. Patch backport thanks to
      Red Hat.
    - CVE-2009-3555

ubuntu/jaunty-proposed 2010-08-18 21:05:45 UTC 2010-08-18
Import patches-unapplied version 0.9.8g-15ubuntu3.5 to ubuntu/jaunty-proposed

Author: Marc Deslauriers
Author Date: 2010-08-12 12:34:41 UTC

Import patches-unapplied version 0.9.8g-15ubuntu3.5 to ubuntu/jaunty-proposed

Imported using git-ubuntu import.

Changelog parent: fda7ab81d43bd08084ed0846d72bb6059d1ed147

New changelog entries:
  * SECURITY UPDATE: TLS renegotiation flaw (LP: #616759)
    - apps/{s_cb,s_client,s_server}.c, doc/ssl/SSL_CTX_set_options.pod,
      ssl/{d1_both,d1_clnt,d1_srvr,s3_both,s3_clnt,s3_pkt,s3_srvr,ssl_err,
      ssl_lib,t1_lib,t1_reneg}.c, ssl/Makefile, ssl/{ssl3,ssl,ssl_locl,
      tls1}.h: backport rfc5746 support from openssl 0.9.8m.
    - CVE-2009-3555

applied/ubuntu/jaunty-proposed 2010-08-18 21:05:45 UTC 2010-08-18
Import patches-applied version 0.9.8g-15ubuntu3.5 to applied/ubuntu/jaunty-pr...

Author: Marc Deslauriers
Author Date: 2010-08-12 12:34:41 UTC

Import patches-applied version 0.9.8g-15ubuntu3.5 to applied/ubuntu/jaunty-proposed

Imported using git-ubuntu import.

Changelog parent: 6172183460d30654238f839ddecc4db13f4c15dd
Unapplied parent: 85cd9f682df355946096dd9a8023f8dee19eafb9

New changelog entries:
  * SECURITY UPDATE: TLS renegotiation flaw (LP: #616759)
    - apps/{s_cb,s_client,s_server}.c, doc/ssl/SSL_CTX_set_options.pod,
      ssl/{d1_both,d1_clnt,d1_srvr,s3_both,s3_clnt,s3_pkt,s3_srvr,ssl_err,
      ssl_lib,t1_lib,t1_reneg}.c, ssl/Makefile, ssl/{ssl3,ssl,ssl_locl,
      tls1}.h: backport rfc5746 support from openssl 0.9.8m.
    - CVE-2009-3555

applied/ubuntu/hardy-proposed 2010-08-18 21:05:45 UTC 2010-08-18
Import patches-applied version 0.9.8g-4ubuntu3.10 to applied/ubuntu/hardy-pro...

Author: Marc Deslauriers
Author Date: 2010-08-12 12:35:55 UTC

Import patches-applied version 0.9.8g-4ubuntu3.10 to applied/ubuntu/hardy-proposed

Imported using git-ubuntu import.

Changelog parent: 81a9d8aebf9052305de903fb794a9eb16cff4360
Unapplied parent: 9181eea4a719ed4067ec7e63cce910ddf160266b

New changelog entries:
  * SECURITY UPDATE: TLS renegotiation flaw (LP: #616759)
    - apps/{s_cb,s_client,s_server}.c, doc/ssl/SSL_CTX_set_options.pod,
      ssl/{d1_both,d1_clnt,d1_srvr,s3_both,s3_clnt,s3_pkt,s3_srvr,ssl_err,
      ssl_lib,t1_lib,t1_reneg}.c, ssl/Makefile, ssl/{ssl3,ssl,ssl_locl,
      tls1}.h: backport rfc5746 support from openssl 0.9.8m.
    - CVE-2009-3555
  * Enable tlsext, and backport some patches from jaunty now that tlsext is
    enabled.
    - Fix a problem with tlsext preventing firefox 3 from connection.
    - Don't add extentions to ssl v3 connections. It breaks with some
      other software.

ubuntu/dapper-proposed 2010-08-18 21:05:45 UTC 2010-08-18
Import patches-unapplied version 0.9.8a-7ubuntu0.12 to ubuntu/dapper-proposed

Author: Marc Deslauriers
Author Date: 2010-08-12 12:37:24 UTC

Import patches-unapplied version 0.9.8a-7ubuntu0.12 to ubuntu/dapper-proposed

Imported using git-ubuntu import.

Changelog parent: 131259e4b8a2eed83f5da7f36ac6d529d2b64082

New changelog entries:
  * SECURITY UPDATE: TLS renegotiation flaw (LP: #616759)
    - apps/{s_client,s_server}.c, doc/ssl/SSL_CTX_set_options.pod,
      ssl/{d1_both,d1_clnt,d1_srvr,s23_clnt,s3_both,s3_clnt,s3_pkt,s3_srvr,
      ssl_err,ssl_lib,t1_lib,t1_reneg}.c, ssl/Makefile, ssl/{ssl3,ssl,
      ssl_locl,tls1}.h: add rfc5746 support. Patch backport thanks to
      Red Hat.
    - CVE-2009-3555

applied/ubuntu/karmic-proposed 2010-08-18 21:05:45 UTC 2010-08-18
Import patches-applied version 0.9.8g-16ubuntu3.2 to applied/ubuntu/karmic-pr...

Author: Marc Deslauriers
Author Date: 2010-08-12 12:32:19 UTC

Import patches-applied version 0.9.8g-16ubuntu3.2 to applied/ubuntu/karmic-proposed

Imported using git-ubuntu import.

Changelog parent: c31ac88c574b9bc827c3926124f4179a0d8274ad
Unapplied parent: cb34ed53bc8003353d30ab3e13fde86a59e3b366

New changelog entries:
  * SECURITY UPDATE: TLS renegotiation flaw (LP: #616759)
    - apps/{s_cb,s_client,s_server}.c, doc/ssl/SSL_CTX_set_options.pod,
      ssl/{d1_both,d1_clnt,d1_srvr,s3_both,s3_clnt,s3_pkt,s3_srvr,ssl_err,
      ssl_lib,t1_lib,t1_reneg}.c, ssl/Makefile, ssl/{ssl3,ssl,ssl_locl,
      tls1}.h: backport rfc5746 support from openssl 0.9.8m.
    - CVE-2009-3555

ubuntu/karmic-proposed 2010-08-18 21:05:45 UTC 2010-08-18
Import patches-unapplied version 0.9.8g-16ubuntu3.2 to ubuntu/karmic-proposed

Author: Marc Deslauriers
Author Date: 2010-08-12 12:32:19 UTC

Import patches-unapplied version 0.9.8g-16ubuntu3.2 to ubuntu/karmic-proposed

Imported using git-ubuntu import.

Changelog parent: ba18c86ffa81a88489864cd8b8528bca6d6d8e94

New changelog entries:
  * SECURITY UPDATE: TLS renegotiation flaw (LP: #616759)
    - apps/{s_cb,s_client,s_server}.c, doc/ssl/SSL_CTX_set_options.pod,
      ssl/{d1_both,d1_clnt,d1_srvr,s3_both,s3_clnt,s3_pkt,s3_srvr,ssl_err,
      ssl_lib,t1_lib,t1_reneg}.c, ssl/Makefile, ssl/{ssl3,ssl,ssl_locl,
      tls1}.h: backport rfc5746 support from openssl 0.9.8m.
    - CVE-2009-3555

ubuntu/hardy-proposed 2010-08-18 21:05:45 UTC 2010-08-18
Import patches-unapplied version 0.9.8g-4ubuntu3.10 to ubuntu/hardy-proposed

Author: Marc Deslauriers
Author Date: 2010-08-12 12:35:55 UTC

Import patches-unapplied version 0.9.8g-4ubuntu3.10 to ubuntu/hardy-proposed

Imported using git-ubuntu import.

Changelog parent: 8917a16412136f272dba9cc7b2ca50826d2c2438

New changelog entries:
  * SECURITY UPDATE: TLS renegotiation flaw (LP: #616759)
    - apps/{s_cb,s_client,s_server}.c, doc/ssl/SSL_CTX_set_options.pod,
      ssl/{d1_both,d1_clnt,d1_srvr,s3_both,s3_clnt,s3_pkt,s3_srvr,ssl_err,
      ssl_lib,t1_lib,t1_reneg}.c, ssl/Makefile, ssl/{ssl3,ssl,ssl_locl,
      tls1}.h: backport rfc5746 support from openssl 0.9.8m.
    - CVE-2009-3555
  * Enable tlsext, and backport some patches from jaunty now that tlsext is
    enabled.
    - Fix a problem with tlsext preventing firefox 3 from connection.
    - Don't add extentions to ssl v3 connections. It breaks with some
      other software.

applied/ubuntu/lucid 2010-03-30 14:04:52 UTC 2010-03-30
Import patches-applied version 0.9.8k-7ubuntu8 to applied/ubuntu/lucid

Author: Marc Deslauriers
Author Date: 2010-03-30 12:57:51 UTC

Import patches-applied version 0.9.8k-7ubuntu8 to applied/ubuntu/lucid

Imported using git-ubuntu import.

Changelog parent: 890f5fb5f328e705696d24879336b55d00a2291a
Unapplied parent: 924e4c75ee77f27f2601c49acf8658ed3cb76c5a

New changelog entries:
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via unchecked return values
    - debian/patches/CVE-2009-3245.patch: check bn_wexpand return value in
      crypto/bn/{bn_div.c,bn_gf2m.c,bn_mul.c}, crypto/ec/ec2_smpl.c,
      engines/e_ubsec.c.
    - CVE-2009-3245
  * SECURITY UPDATE: denial of service via "record of death"
    - debian/patches/CVE-2010-0740.patch: only send back minor version
      number in ssl/s3_pkt.c.
    - CVE-2010-0740

ubuntu/lucid 2010-03-30 14:04:52 UTC 2010-03-30
Import patches-unapplied version 0.9.8k-7ubuntu8 to ubuntu/lucid

Author: Marc Deslauriers
Author Date: 2010-03-30 12:57:51 UTC

Import patches-unapplied version 0.9.8k-7ubuntu8 to ubuntu/lucid

Imported using git-ubuntu import.

Changelog parent: a6f317ff3114850f3d2b3776511b96d322654b7e

New changelog entries:
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via unchecked return values
    - debian/patches/CVE-2009-3245.patch: check bn_wexpand return value in
      crypto/bn/{bn_div.c,bn_gf2m.c,bn_mul.c}, crypto/ec/ec2_smpl.c,
      engines/e_ubsec.c.
    - CVE-2009-3245
  * SECURITY UPDATE: denial of service via "record of death"
    - debian/patches/CVE-2010-0740.patch: only send back minor version
      number in ssl/s3_pkt.c.
    - CVE-2010-0740

applied/ubuntu/intrepid-devel 2010-01-14 01:05:29 UTC 2010-01-14
Import patches-applied version 0.9.8g-10.1ubuntu2.6 to applied/ubuntu/intrepi...

Author: Kees Cook
Author Date: 2010-01-13 19:19:14 UTC

Import patches-applied version 0.9.8g-10.1ubuntu2.6 to applied/ubuntu/intrepid-security

Imported using git-ubuntu import.

Changelog parent: ce34012cc150501fdc9b926c5fadcdad9385e76c
Unapplied parent: 3962b2f78d25d8da76f8584e221604b8d0b7c5b3

New changelog entries:
  * SECURITY UPDATE: memory leak possible during state clean-up.
    - crypto/comp/c_zlib.c: upstream fixes applied inline.
    - CVE-2009-4355

ubuntu/intrepid-devel 2010-01-14 01:05:29 UTC 2010-01-14
Import patches-unapplied version 0.9.8g-10.1ubuntu2.6 to ubuntu/intrepid-secu...

Author: Kees Cook
Author Date: 2010-01-13 19:19:14 UTC

Import patches-unapplied version 0.9.8g-10.1ubuntu2.6 to ubuntu/intrepid-security

Imported using git-ubuntu import.

Changelog parent: 062a9ddd99cd8154fff7d79c0916ea8f505c07d8

New changelog entries:
  * SECURITY UPDATE: memory leak possible during state clean-up.
    - crypto/comp/c_zlib.c: upstream fixes applied inline.
    - CVE-2009-4355

ubuntu/intrepid-security 2010-01-14 01:05:29 UTC 2010-01-14
Import patches-unapplied version 0.9.8g-10.1ubuntu2.6 to ubuntu/intrepid-secu...

Author: Kees Cook
Author Date: 2010-01-13 19:19:14 UTC

Import patches-unapplied version 0.9.8g-10.1ubuntu2.6 to ubuntu/intrepid-security

Imported using git-ubuntu import.

Changelog parent: 062a9ddd99cd8154fff7d79c0916ea8f505c07d8

New changelog entries:
  * SECURITY UPDATE: memory leak possible during state clean-up.
    - crypto/comp/c_zlib.c: upstream fixes applied inline.
    - CVE-2009-4355

ubuntu/intrepid-updates 2010-01-14 01:05:29 UTC 2010-01-14
Import patches-unapplied version 0.9.8g-10.1ubuntu2.6 to ubuntu/intrepid-secu...

Author: Kees Cook
Author Date: 2010-01-13 19:19:14 UTC

Import patches-unapplied version 0.9.8g-10.1ubuntu2.6 to ubuntu/intrepid-security

Imported using git-ubuntu import.

Changelog parent: 062a9ddd99cd8154fff7d79c0916ea8f505c07d8

New changelog entries:
  * SECURITY UPDATE: memory leak possible during state clean-up.
    - crypto/comp/c_zlib.c: upstream fixes applied inline.
    - CVE-2009-4355

applied/ubuntu/intrepid-updates 2010-01-14 01:05:29 UTC 2010-01-14
Import patches-applied version 0.9.8g-10.1ubuntu2.6 to applied/ubuntu/intrepi...

Author: Kees Cook
Author Date: 2010-01-13 19:19:14 UTC

Import patches-applied version 0.9.8g-10.1ubuntu2.6 to applied/ubuntu/intrepid-security

Imported using git-ubuntu import.

Changelog parent: ce34012cc150501fdc9b926c5fadcdad9385e76c
Unapplied parent: 3962b2f78d25d8da76f8584e221604b8d0b7c5b3

New changelog entries:
  * SECURITY UPDATE: memory leak possible during state clean-up.
    - crypto/comp/c_zlib.c: upstream fixes applied inline.
    - CVE-2009-4355

applied/ubuntu/intrepid-security 2010-01-14 01:05:29 UTC 2010-01-14
Import patches-applied version 0.9.8g-10.1ubuntu2.6 to applied/ubuntu/intrepi...

Author: Kees Cook
Author Date: 2010-01-13 19:19:14 UTC

Import patches-applied version 0.9.8g-10.1ubuntu2.6 to applied/ubuntu/intrepid-security

Imported using git-ubuntu import.

Changelog parent: ce34012cc150501fdc9b926c5fadcdad9385e76c
Unapplied parent: 3962b2f78d25d8da76f8584e221604b8d0b7c5b3

New changelog entries:
  * SECURITY UPDATE: memory leak possible during state clean-up.
    - crypto/comp/c_zlib.c: upstream fixes applied inline.
    - CVE-2009-4355

ubuntu/karmic 2009-09-09 16:04:32 UTC 2009-09-09
Import patches-unapplied version 0.9.8g-16ubuntu3 to ubuntu/karmic

Author: Marc Deslauriers
Author Date: 2009-09-08 18:59:05 UTC

Import patches-unapplied version 0.9.8g-16ubuntu3 to ubuntu/karmic

Imported using git-ubuntu import.

Changelog parent: 985d8098848c164fee083faa5116815286e94d1e

New changelog entries:
  * SECURITY UPDATE: certificate spoofing via hash collisions from MD2
    design flaws.
    - crypto/evp/c_alld.c, ssl/ssl_algs.c: disable MD2 digest.
    - crypto/x509/x509_vfy.c: skip signature check for self signed
      certificates
    - http://marc.info/?l=openssl-cvs&m=124508133203041&w=2
    - http://marc.info/?l=openssl-cvs&m=124704528713852&w=2
    - CVE-2009-2409

applied/ubuntu/karmic 2009-09-09 16:04:32 UTC 2009-09-09
Import patches-applied version 0.9.8g-16ubuntu3 to applied/ubuntu/karmic

Author: Marc Deslauriers
Author Date: 2009-09-08 18:59:05 UTC

Import patches-applied version 0.9.8g-16ubuntu3 to applied/ubuntu/karmic

Imported using git-ubuntu import.

Changelog parent: 22033b5875d1b19b09fada8901ec13ce5d946cdf
Unapplied parent: 74bf0e923090036ed0bf6da4f7e0e0d625e8aa6f

New changelog entries:
  * SECURITY UPDATE: certificate spoofing via hash collisions from MD2
    design flaws.
    - crypto/evp/c_alld.c, ssl/ssl_algs.c: disable MD2 digest.
    - crypto/x509/x509_vfy.c: skip signature check for self signed
      certificates
    - http://marc.info/?l=openssl-cvs&m=124508133203041&w=2
    - http://marc.info/?l=openssl-cvs&m=124704528713852&w=2
    - CVE-2009-2409

ubuntu/gutsy-security 2009-03-30 23:04:13 UTC 2009-03-30
Import patches-unapplied version 0.9.8e-5ubuntu3.4 to ubuntu/gutsy-security

Author: Jamie Strandboge
Author Date: 2009-03-26 19:13:35 UTC

Import patches-unapplied version 0.9.8e-5ubuntu3.4 to ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: cbd31c777ba3c8e8f28a9a638b23c27b8e4ceee8

New changelog entries:
  * SECURITY UPDATE: crash via invalid memory access when printing BMPString
    or UniversalString with invalid length
    - crypto/asn1/tasn_dec.c, crypto/asn1/asn1_err.c and crypto/asn1/asn1.h:
      return error if invalid length
    - CVE-2009-0590
    - http://www.openssl.org/news/secadv_20090325.txt
    - patch from upstream CVS:
      crypto/asn1/asn1.h:1.128.2.11->1.128.2.12
      crypto/asn1/asn1_err.c:1.54.2.4->1.54.2.5
      crypto/asn1/tasn_dec.c:1.26.2.10->1.26.2.11

ubuntu/gutsy-devel 2009-03-30 23:04:13 UTC 2009-03-30
Import patches-unapplied version 0.9.8e-5ubuntu3.4 to ubuntu/gutsy-security

Author: Jamie Strandboge
Author Date: 2009-03-26 19:13:35 UTC

Import patches-unapplied version 0.9.8e-5ubuntu3.4 to ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: cbd31c777ba3c8e8f28a9a638b23c27b8e4ceee8

New changelog entries:
  * SECURITY UPDATE: crash via invalid memory access when printing BMPString
    or UniversalString with invalid length
    - crypto/asn1/tasn_dec.c, crypto/asn1/asn1_err.c and crypto/asn1/asn1.h:
      return error if invalid length
    - CVE-2009-0590
    - http://www.openssl.org/news/secadv_20090325.txt
    - patch from upstream CVS:
      crypto/asn1/asn1.h:1.128.2.11->1.128.2.12
      crypto/asn1/asn1_err.c:1.54.2.4->1.54.2.5
      crypto/asn1/tasn_dec.c:1.26.2.10->1.26.2.11

applied/ubuntu/gutsy-devel 2009-03-30 23:04:13 UTC 2009-03-30
Import patches-applied version 0.9.8e-5ubuntu3.4 to applied/ubuntu/gutsy-secu...

Author: Jamie Strandboge
Author Date: 2009-03-26 19:13:35 UTC

Import patches-applied version 0.9.8e-5ubuntu3.4 to applied/ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: 4fb4b88683de7550ecc83154e54b7d7ed84a8470
Unapplied parent: 097a57652e549f86adc06412016f661af68be360

New changelog entries:
  * SECURITY UPDATE: crash via invalid memory access when printing BMPString
    or UniversalString with invalid length
    - crypto/asn1/tasn_dec.c, crypto/asn1/asn1_err.c and crypto/asn1/asn1.h:
      return error if invalid length
    - CVE-2009-0590
    - http://www.openssl.org/news/secadv_20090325.txt
    - patch from upstream CVS:
      crypto/asn1/asn1.h:1.128.2.11->1.128.2.12
      crypto/asn1/asn1_err.c:1.54.2.4->1.54.2.5
      crypto/asn1/tasn_dec.c:1.26.2.10->1.26.2.11

applied/ubuntu/gutsy-security 2009-03-30 23:04:13 UTC 2009-03-30
Import patches-applied version 0.9.8e-5ubuntu3.4 to applied/ubuntu/gutsy-secu...

Author: Jamie Strandboge
Author Date: 2009-03-26 19:13:35 UTC

Import patches-applied version 0.9.8e-5ubuntu3.4 to applied/ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: 4fb4b88683de7550ecc83154e54b7d7ed84a8470
Unapplied parent: 097a57652e549f86adc06412016f661af68be360

New changelog entries:
  * SECURITY UPDATE: crash via invalid memory access when printing BMPString
    or UniversalString with invalid length
    - crypto/asn1/tasn_dec.c, crypto/asn1/asn1_err.c and crypto/asn1/asn1.h:
      return error if invalid length
    - CVE-2009-0590
    - http://www.openssl.org/news/secadv_20090325.txt
    - patch from upstream CVS:
      crypto/asn1/asn1.h:1.128.2.11->1.128.2.12
      crypto/asn1/asn1_err.c:1.54.2.4->1.54.2.5
      crypto/asn1/tasn_dec.c:1.26.2.10->1.26.2.11

ubuntu/gutsy-updates 2009-03-30 23:04:13 UTC 2009-03-30
Import patches-unapplied version 0.9.8e-5ubuntu3.4 to ubuntu/gutsy-security

Author: Jamie Strandboge
Author Date: 2009-03-26 19:13:35 UTC

Import patches-unapplied version 0.9.8e-5ubuntu3.4 to ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: cbd31c777ba3c8e8f28a9a638b23c27b8e4ceee8

New changelog entries:
  * SECURITY UPDATE: crash via invalid memory access when printing BMPString
    or UniversalString with invalid length
    - crypto/asn1/tasn_dec.c, crypto/asn1/asn1_err.c and crypto/asn1/asn1.h:
      return error if invalid length
    - CVE-2009-0590
    - http://www.openssl.org/news/secadv_20090325.txt
    - patch from upstream CVS:
      crypto/asn1/asn1.h:1.128.2.11->1.128.2.12
      crypto/asn1/asn1_err.c:1.54.2.4->1.54.2.5
      crypto/asn1/tasn_dec.c:1.26.2.10->1.26.2.11

applied/ubuntu/gutsy-updates 2009-03-30 23:04:13 UTC 2009-03-30
Import patches-applied version 0.9.8e-5ubuntu3.4 to applied/ubuntu/gutsy-secu...

Author: Jamie Strandboge
Author Date: 2009-03-26 19:13:35 UTC

Import patches-applied version 0.9.8e-5ubuntu3.4 to applied/ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: 4fb4b88683de7550ecc83154e54b7d7ed84a8470
Unapplied parent: 097a57652e549f86adc06412016f661af68be360

New changelog entries:
  * SECURITY UPDATE: crash via invalid memory access when printing BMPString
    or UniversalString with invalid length
    - crypto/asn1/tasn_dec.c, crypto/asn1/asn1_err.c and crypto/asn1/asn1.h:
      return error if invalid length
    - CVE-2009-0590
    - http://www.openssl.org/news/secadv_20090325.txt
    - patch from upstream CVS:
      crypto/asn1/asn1.h:1.128.2.11->1.128.2.12
      crypto/asn1/asn1_err.c:1.54.2.4->1.54.2.5
      crypto/asn1/tasn_dec.c:1.26.2.10->1.26.2.11

ubuntu/jaunty 2009-03-27 13:44:46 UTC 2009-03-27
Import patches-unapplied version 0.9.8g-15ubuntu3 to ubuntu/jaunty

Author: Jamie Strandboge
Author Date: 2009-03-27 13:23:35 UTC

Import patches-unapplied version 0.9.8g-15ubuntu3 to ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: f791860940867e68ef7c0f039b8da0ca6224a9b2

New changelog entries:
  * SECURITY UPDATE: crash via invalid memory access when printing BMPString
    or UniversalString with invalid length
    - crypto/asn1/tasn_dec.c, crypto/asn1/asn1_err.c and crypto/asn1/asn1.h:
      return error if invalid length
    - CVE-2009-0590
    - http://www.openssl.org/news/secadv_20090325.txt
    - patch from upstream CVS:
      crypto/asn1/asn1.h:1.128.2.11->1.128.2.12
      crypto/asn1/asn1_err.c:1.54.2.4->1.54.2.5
      crypto/asn1/tasn_dec.c:1.26.2.10->1.26.2.11

applied/ubuntu/jaunty 2009-03-27 13:44:46 UTC 2009-03-27
Import patches-applied version 0.9.8g-15ubuntu3 to applied/ubuntu/jaunty

Author: Jamie Strandboge
Author Date: 2009-03-27 13:23:35 UTC

Import patches-applied version 0.9.8g-15ubuntu3 to applied/ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: 666da930ecd8b00d0afc0a1cf755e24e229415fc
Unapplied parent: 1b94937b3782720f97ad0329c5fd97b1ce112430

New changelog entries:
  * SECURITY UPDATE: crash via invalid memory access when printing BMPString
    or UniversalString with invalid length
    - crypto/asn1/tasn_dec.c, crypto/asn1/asn1_err.c and crypto/asn1/asn1.h:
      return error if invalid length
    - CVE-2009-0590
    - http://www.openssl.org/news/secadv_20090325.txt
    - patch from upstream CVS:
      crypto/asn1/asn1.h:1.128.2.11->1.128.2.12
      crypto/asn1/asn1_err.c:1.54.2.4->1.54.2.5
      crypto/asn1/tasn_dec.c:1.26.2.10->1.26.2.11

ubuntu/intrepid 2008-07-25 19:04:46 UTC 2008-07-25
Import patches-unapplied version 0.9.8g-10.1ubuntu2 to ubuntu/intrepid

Author: Ante Karamatić
Author Date: 2008-07-24 10:47:09 UTC

Import patches-unapplied version 0.9.8g-10.1ubuntu2 to ubuntu/intrepid

Imported using git-ubuntu import.

Changelog parent: d97c50a90d78dea1efdf3dafcd4f3cb704127c5d

New changelog entries:
  * debian/rules:
    - disable SSLv2 during compile
  * debian/README.debian
    - add note about disabled SSLv2 in Ubuntu

applied/ubuntu/intrepid 2008-07-25 19:04:46 UTC 2008-07-25
Import patches-applied version 0.9.8g-10.1ubuntu2 to applied/ubuntu/intrepid

Author: Ante Karamatić
Author Date: 2008-07-24 10:47:09 UTC

Import patches-applied version 0.9.8g-10.1ubuntu2 to applied/ubuntu/intrepid

Imported using git-ubuntu import.

Changelog parent: ec71d35554293f9a0e2b83d266a3694e74a3bd60
Unapplied parent: f17aa4854fc1de3bbc4eb834ca31ffa24470bfd0

New changelog entries:
  * debian/rules:
    - disable SSLv2 during compile
  * debian/README.debian
    - add note about disabled SSLv2 in Ubuntu

ubuntu/feisty-updates 2008-05-13 13:10:01 UTC 2008-05-13
Import patches-unapplied version 0.9.8c-4ubuntu0.3 to ubuntu/feisty-security

Author: Kees Cook
Author Date: 2008-05-09 04:45:57 UTC

Import patches-unapplied version 0.9.8c-4ubuntu0.3 to ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: d968188925426e925e8c7078074ea6d9793adba2

New changelog entries:
  * SECURITY UPDATE: PRNG seeding was not fully operational.
  * crypto/rand/md_rand.c: restore upstream code.

applied/ubuntu/feisty-security 2008-05-13 13:10:01 UTC 2008-05-13
Import patches-applied version 0.9.8c-4ubuntu0.3 to applied/ubuntu/feisty-sec...

Author: Kees Cook
Author Date: 2008-05-09 04:45:57 UTC

Import patches-applied version 0.9.8c-4ubuntu0.3 to applied/ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: 66ce02f3660b5cedde6bcf4aa64caa355e777b0e
Unapplied parent: 17fb35fff0ad8a1b2e5885df99354e7fad6b0831

New changelog entries:
  * SECURITY UPDATE: PRNG seeding was not fully operational.
  * crypto/rand/md_rand.c: restore upstream code.

applied/ubuntu/feisty-devel 2008-05-13 13:10:01 UTC 2008-05-13
Import patches-applied version 0.9.8c-4ubuntu0.3 to applied/ubuntu/feisty-sec...

Author: Kees Cook
Author Date: 2008-05-09 04:45:57 UTC

Import patches-applied version 0.9.8c-4ubuntu0.3 to applied/ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: 66ce02f3660b5cedde6bcf4aa64caa355e777b0e
Unapplied parent: 17fb35fff0ad8a1b2e5885df99354e7fad6b0831

New changelog entries:
  * SECURITY UPDATE: PRNG seeding was not fully operational.
  * crypto/rand/md_rand.c: restore upstream code.

applied/ubuntu/feisty-updates 2008-05-13 13:10:01 UTC 2008-05-13
Import patches-applied version 0.9.8c-4ubuntu0.3 to applied/ubuntu/feisty-sec...

Author: Kees Cook
Author Date: 2008-05-09 04:45:57 UTC

Import patches-applied version 0.9.8c-4ubuntu0.3 to applied/ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: 66ce02f3660b5cedde6bcf4aa64caa355e777b0e
Unapplied parent: 17fb35fff0ad8a1b2e5885df99354e7fad6b0831

New changelog entries:
  * SECURITY UPDATE: PRNG seeding was not fully operational.
  * crypto/rand/md_rand.c: restore upstream code.

ubuntu/feisty-security 2008-05-13 13:10:01 UTC 2008-05-13
Import patches-unapplied version 0.9.8c-4ubuntu0.3 to ubuntu/feisty-security

Author: Kees Cook
Author Date: 2008-05-09 04:45:57 UTC

Import patches-unapplied version 0.9.8c-4ubuntu0.3 to ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: d968188925426e925e8c7078074ea6d9793adba2

New changelog entries:
  * SECURITY UPDATE: PRNG seeding was not fully operational.
  * crypto/rand/md_rand.c: restore upstream code.

ubuntu/feisty-devel 2008-05-13 13:10:01 UTC 2008-05-13
Import patches-unapplied version 0.9.8c-4ubuntu0.3 to ubuntu/feisty-security

Author: Kees Cook
Author Date: 2008-05-09 04:45:57 UTC

Import patches-unapplied version 0.9.8c-4ubuntu0.3 to ubuntu/feisty-security

Imported using git-ubuntu import.

Changelog parent: d968188925426e925e8c7078074ea6d9793adba2

New changelog entries:
  * SECURITY UPDATE: PRNG seeding was not fully operational.
  * crypto/rand/md_rand.c: restore upstream code.

ubuntu/hardy 2008-04-22 07:33:56 UTC 2008-04-22
Import patches-unapplied version 0.9.8g-4ubuntu3 to ubuntu/hardy

Author: Luke Yelavich
Author Date: 2008-04-22 00:50:53 UTC

Import patches-unapplied version 0.9.8g-4ubuntu3 to ubuntu/hardy

Imported using git-ubuntu import.

Changelog parent: 47340de722ffb33bc20f48e1ff8786a7a2d61f02

New changelog entries:
  * Use a different priority for libssl0.9.8/restart-services depending on whether
    a desktop, or server dist-upgrade is being performed. (LP: #91814)
  * Display a system restart required notification bubble on libssl0.9.8 upgrade.

applied/ubuntu/hardy 2008-04-22 07:33:56 UTC 2008-04-22
Import patches-applied version 0.9.8g-4ubuntu3 to applied/ubuntu/hardy

Author: Luke Yelavich
Author Date: 2008-04-22 00:50:53 UTC

Import patches-applied version 0.9.8g-4ubuntu3 to applied/ubuntu/hardy

Imported using git-ubuntu import.

Changelog parent: dc1257a8b7530a7318522645ef744d1ead1cae0c
Unapplied parent: 25bfffef091ccb266a37cb684441da62f9432d9d

New changelog entries:
  * Use a different priority for libssl0.9.8/restart-services depending on whether
    a desktop, or server dist-upgrade is being performed. (LP: #91814)
  * Display a system restart required notification bubble on libssl0.9.8 upgrade.

applied/ubuntu/edgy-updates 2007-10-22 18:05:21 UTC 2007-10-22
Import patches-applied version 0.9.8b-2ubuntu2.2 to applied/ubuntu/edgy-security

Author: Kees Cook
Author Date: 2007-10-19 16:59:38 UTC

Import patches-applied version 0.9.8b-2ubuntu2.2 to applied/ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: 773cbf8028c5f66061dad0beace27e954205344d
Unapplied parent: 526933118af459e8daaf655e0511c29f8c9a23bd

New changelog entries:
  * SECURITY UPDATE: DTLS implementation can lead to remote code execution.
  * ssl/{ssl_err,d1_both}.c, ssl/{dtls1,ssl}.h: patched inline with upstream
    fixes backported thanks to Ludwig Nussel.
  * References
    http://www.openssl.org/news/secadv_20071012.txt
    CVE-2007-4995

ubuntu/edgy-devel 2007-10-22 18:05:21 UTC 2007-10-22
Import patches-unapplied version 0.9.8b-2ubuntu2.2 to ubuntu/edgy-security

Author: Kees Cook
Author Date: 2007-10-19 16:59:38 UTC

Import patches-unapplied version 0.9.8b-2ubuntu2.2 to ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: b694aa77a81e3dbd86c840e10494ae8e66bb8845

New changelog entries:
  * SECURITY UPDATE: DTLS implementation can lead to remote code execution.
  * ssl/{ssl_err,d1_both}.c, ssl/{dtls1,ssl}.h: patched inline with upstream
    fixes backported thanks to Ludwig Nussel.
  * References
    http://www.openssl.org/news/secadv_20071012.txt
    CVE-2007-4995

ubuntu/edgy-updates 2007-10-22 18:05:21 UTC 2007-10-22
Import patches-unapplied version 0.9.8b-2ubuntu2.2 to ubuntu/edgy-security

Author: Kees Cook
Author Date: 2007-10-19 16:59:38 UTC

Import patches-unapplied version 0.9.8b-2ubuntu2.2 to ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: b694aa77a81e3dbd86c840e10494ae8e66bb8845

New changelog entries:
  * SECURITY UPDATE: DTLS implementation can lead to remote code execution.
  * ssl/{ssl_err,d1_both}.c, ssl/{dtls1,ssl}.h: patched inline with upstream
    fixes backported thanks to Ludwig Nussel.
  * References
    http://www.openssl.org/news/secadv_20071012.txt
    CVE-2007-4995

ubuntu/edgy-security 2007-10-22 18:05:21 UTC 2007-10-22
Import patches-unapplied version 0.9.8b-2ubuntu2.2 to ubuntu/edgy-security

Author: Kees Cook
Author Date: 2007-10-19 16:59:38 UTC

Import patches-unapplied version 0.9.8b-2ubuntu2.2 to ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: b694aa77a81e3dbd86c840e10494ae8e66bb8845

New changelog entries:
  * SECURITY UPDATE: DTLS implementation can lead to remote code execution.
  * ssl/{ssl_err,d1_both}.c, ssl/{dtls1,ssl}.h: patched inline with upstream
    fixes backported thanks to Ludwig Nussel.
  * References
    http://www.openssl.org/news/secadv_20071012.txt
    CVE-2007-4995

applied/ubuntu/edgy-devel 2007-10-22 18:05:21 UTC 2007-10-22
Import patches-applied version 0.9.8b-2ubuntu2.2 to applied/ubuntu/edgy-security

Author: Kees Cook
Author Date: 2007-10-19 16:59:38 UTC

Import patches-applied version 0.9.8b-2ubuntu2.2 to applied/ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: 773cbf8028c5f66061dad0beace27e954205344d
Unapplied parent: 526933118af459e8daaf655e0511c29f8c9a23bd

New changelog entries:
  * SECURITY UPDATE: DTLS implementation can lead to remote code execution.
  * ssl/{ssl_err,d1_both}.c, ssl/{dtls1,ssl}.h: patched inline with upstream
    fixes backported thanks to Ludwig Nussel.
  * References
    http://www.openssl.org/news/secadv_20071012.txt
    CVE-2007-4995

applied/ubuntu/edgy-security 2007-10-22 18:05:21 UTC 2007-10-22
Import patches-applied version 0.9.8b-2ubuntu2.2 to applied/ubuntu/edgy-security

Author: Kees Cook
Author Date: 2007-10-19 16:59:38 UTC

Import patches-applied version 0.9.8b-2ubuntu2.2 to applied/ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: 773cbf8028c5f66061dad0beace27e954205344d
Unapplied parent: 526933118af459e8daaf655e0511c29f8c9a23bd

New changelog entries:
  * SECURITY UPDATE: DTLS implementation can lead to remote code execution.
  * ssl/{ssl_err,d1_both}.c, ssl/{dtls1,ssl}.h: patched inline with upstream
    fixes backported thanks to Ludwig Nussel.
  * References
    http://www.openssl.org/news/secadv_20071012.txt
    CVE-2007-4995

applied/ubuntu/gutsy 2007-10-04 17:05:36 UTC 2007-10-04
Import patches-applied version 0.9.8e-5ubuntu3 to applied/ubuntu/gutsy

Author: Matthias Klose
Author Date: 2007-10-04 16:27:53 UTC

Import patches-applied version 0.9.8e-5ubuntu3 to applied/ubuntu/gutsy

Imported using git-ubuntu import.

Changelog parent: 241d36fcc917ddc72fce2dd439f3cc895e14f39b
Unapplied parent: 536eef067229a4ae95986ad4b2df96b926523c87

New changelog entries:
  * Replace duplicate files in the doc directory with symlinks.

ubuntu/gutsy 2007-10-04 17:05:36 UTC 2007-10-04
Import patches-unapplied version 0.9.8e-5ubuntu3 to ubuntu/gutsy

Author: Matthias Klose
Author Date: 2007-10-04 16:27:53 UTC

Import patches-unapplied version 0.9.8e-5ubuntu3 to ubuntu/gutsy

Imported using git-ubuntu import.

Changelog parent: ef1a78d79eb6bce2cb9a9cdc3841005e33390e63

New changelog entries:
  * Replace duplicate files in the doc directory with symlinks.

ubuntu/feisty 2007-03-06 01:03:24 UTC 2007-03-06
Import patches-unapplied version 0.9.8c-4build1 to ubuntu/feisty

Author: Matthias Klose
Author Date: 2007-03-05 01:24:00 UTC

Import patches-unapplied version 0.9.8c-4build1 to ubuntu/feisty

Imported using git-ubuntu import.

Changelog parent: 20d2ab7db063d6a3a9d7ea109f67a2ebcd83c8ae

New changelog entries:
  * Rebuild for changes in the amd64 toolchain.

applied/ubuntu/feisty 2007-03-06 01:03:24 UTC 2007-03-06
Import patches-applied version 0.9.8c-4build1 to applied/ubuntu/feisty

Author: Matthias Klose
Author Date: 2007-03-05 01:24:00 UTC

Import patches-applied version 0.9.8c-4build1 to applied/ubuntu/feisty

Imported using git-ubuntu import.

Changelog parent: 124a205ef394c5963a5208953116e938e401f890
Unapplied parent: 2c9ef4abae7bfb1418c907ec43800c25ac00288a

New changelog entries:
  * Rebuild for changes in the amd64 toolchain.

applied/ubuntu/hoary-security 2006-10-04 16:04:02 UTC 2006-10-04
Import patches-applied version 0.9.7e-3ubuntu0.6 to applied/ubuntu/hoary-secu...

Author: Martin Pitt
Author Date: 2006-10-04 07:53:40 UTC

Import patches-applied version 0.9.7e-3ubuntu0.6 to applied/ubuntu/hoary-security

Imported using git-ubuntu import.

Changelog parent: bb987729b122fdcb777923c850615b5af3c9fff9
Unapplied parent: 8e1aba56337d44817e4c00804db5eed72c829199

New changelog entries:
  * SECURITY UPDATE: Previous update did not completely fix CVE-2006-2940.
  * crypto/rsa/rsa_eay.c: Apply max. modulus bits checking to
    RSA_eay_public_decrypt() instead of RSA_eay_private_encrypt(). Thanks to
    Mark J. Cox for noticing!
  * crypto/dh/dh_key.c: Fix return value to prevent free'ing an uninit'ed
    pointer.

ubuntu/breezy-security 2006-10-04 16:04:02 UTC 2006-10-04
Import patches-unapplied version 0.9.7g-1ubuntu1.5 to ubuntu/breezy-security

Author: Martin Pitt
Author Date: 2006-10-04 08:26:54 UTC

Import patches-unapplied version 0.9.7g-1ubuntu1.5 to ubuntu/breezy-security

Imported using git-ubuntu import.

Changelog parent: 0d30bc4cbd029cdc193f54e35115b18251de8f57

New changelog entries:
  * SECURITY UPDATE: Previous update did not completely fix CVE-2006-2940.
  * crypto/rsa/rsa_eay.c: Apply max. modulus bits checking to
    RSA_eay_public_decrypt() instead of RSA_eay_private_encrypt(). Thanks to
    Mark J. Cox for noticing!
  * crypto/dh/dh_key.c: Fix return value to prevent free'ing an uninit'ed
    pointer.

ubuntu/breezy-devel 2006-10-04 16:04:02 UTC 2006-10-04
Import patches-unapplied version 0.9.7g-1ubuntu1.5 to ubuntu/breezy-security

Author: Martin Pitt
Author Date: 2006-10-04 08:26:54 UTC

Import patches-unapplied version 0.9.7g-1ubuntu1.5 to ubuntu/breezy-security

Imported using git-ubuntu import.

Changelog parent: 0d30bc4cbd029cdc193f54e35115b18251de8f57

New changelog entries:
  * SECURITY UPDATE: Previous update did not completely fix CVE-2006-2940.
  * crypto/rsa/rsa_eay.c: Apply max. modulus bits checking to
    RSA_eay_public_decrypt() instead of RSA_eay_private_encrypt(). Thanks to
    Mark J. Cox for noticing!
  * crypto/dh/dh_key.c: Fix return value to prevent free'ing an uninit'ed
    pointer.

ubuntu/hoary-security 2006-10-04 16:04:02 UTC 2006-10-04
Import patches-unapplied version 0.9.7e-3ubuntu0.6 to ubuntu/hoary-security

Author: Martin Pitt
Author Date: 2006-10-04 07:53:40 UTC

Import patches-unapplied version 0.9.7e-3ubuntu0.6 to ubuntu/hoary-security

Imported using git-ubuntu import.

Changelog parent: 51f9430a17d7d26a505072d5e4d88ff7a5fdc6ae

New changelog entries:
  * SECURITY UPDATE: Previous update did not completely fix CVE-2006-2940.
  * crypto/rsa/rsa_eay.c: Apply max. modulus bits checking to
    RSA_eay_public_decrypt() instead of RSA_eay_private_encrypt(). Thanks to
    Mark J. Cox for noticing!
  * crypto/dh/dh_key.c: Fix return value to prevent free'ing an uninit'ed
    pointer.

applied/ubuntu/breezy-security 2006-10-04 16:04:02 UTC 2006-10-04
Import patches-applied version 0.9.7g-1ubuntu1.5 to applied/ubuntu/breezy-sec...

Author: Martin Pitt
Author Date: 2006-10-04 08:26:54 UTC

Import patches-applied version 0.9.7g-1ubuntu1.5 to applied/ubuntu/breezy-security

Imported using git-ubuntu import.

Changelog parent: a7a1218600f359b14d8edef7b540ee4d81d603d3
Unapplied parent: 760ab111936d14f417c6c4a0da21e10dd9dacb37

New changelog entries:
  * SECURITY UPDATE: Previous update did not completely fix CVE-2006-2940.
  * crypto/rsa/rsa_eay.c: Apply max. modulus bits checking to
    RSA_eay_public_decrypt() instead of RSA_eay_private_encrypt(). Thanks to
    Mark J. Cox for noticing!
  * crypto/dh/dh_key.c: Fix return value to prevent free'ing an uninit'ed
    pointer.

applied/ubuntu/breezy-devel 2006-10-04 16:04:02 UTC 2006-10-04
Import patches-applied version 0.9.7g-1ubuntu1.5 to applied/ubuntu/breezy-sec...

Author: Martin Pitt
Author Date: 2006-10-04 08:26:54 UTC

Import patches-applied version 0.9.7g-1ubuntu1.5 to applied/ubuntu/breezy-security

Imported using git-ubuntu import.

Changelog parent: a7a1218600f359b14d8edef7b540ee4d81d603d3
Unapplied parent: 760ab111936d14f417c6c4a0da21e10dd9dacb37

New changelog entries:
  * SECURITY UPDATE: Previous update did not completely fix CVE-2006-2940.
  * crypto/rsa/rsa_eay.c: Apply max. modulus bits checking to
    RSA_eay_public_decrypt() instead of RSA_eay_private_encrypt(). Thanks to
    Mark J. Cox for noticing!
  * crypto/dh/dh_key.c: Fix return value to prevent free'ing an uninit'ed
    pointer.

ubuntu/hoary-devel 2006-10-04 16:04:02 UTC 2006-10-04
Import patches-unapplied version 0.9.7e-3ubuntu0.6 to ubuntu/hoary-security

Author: Martin Pitt
Author Date: 2006-10-04 07:53:40 UTC

Import patches-unapplied version 0.9.7e-3ubuntu0.6 to ubuntu/hoary-security

Imported using git-ubuntu import.

Changelog parent: 51f9430a17d7d26a505072d5e4d88ff7a5fdc6ae

New changelog entries:
  * SECURITY UPDATE: Previous update did not completely fix CVE-2006-2940.
  * crypto/rsa/rsa_eay.c: Apply max. modulus bits checking to
    RSA_eay_public_decrypt() instead of RSA_eay_private_encrypt(). Thanks to
    Mark J. Cox for noticing!
  * crypto/dh/dh_key.c: Fix return value to prevent free'ing an uninit'ed
    pointer.

applied/ubuntu/hoary-devel 2006-10-04 16:04:02 UTC 2006-10-04
Import patches-applied version 0.9.7e-3ubuntu0.6 to applied/ubuntu/hoary-secu...

Author: Martin Pitt
Author Date: 2006-10-04 07:53:40 UTC

Import patches-applied version 0.9.7e-3ubuntu0.6 to applied/ubuntu/hoary-security

Imported using git-ubuntu import.

Changelog parent: bb987729b122fdcb777923c850615b5af3c9fff9
Unapplied parent: 8e1aba56337d44817e4c00804db5eed72c829199

New changelog entries:
  * SECURITY UPDATE: Previous update did not completely fix CVE-2006-2940.
  * crypto/rsa/rsa_eay.c: Apply max. modulus bits checking to
    RSA_eay_public_decrypt() instead of RSA_eay_private_encrypt(). Thanks to
    Mark J. Cox for noticing!
  * crypto/dh/dh_key.c: Fix return value to prevent free'ing an uninit'ed
    pointer.

201300 of 314 results

Other repositories

Name Last Modified
lp:ubuntu/+source/openssl 2020-05-28
11 of 1 result
You can't create new repositories for openssl in Ubuntu.