Ubuntu
openssl package

Branches for Natty

Name Status Last Modified Last Commit
lp:ubuntu/natty/openssl bug 2 Mature 2011-02-23 01:16:32 UTC
54. * Merge from debian unstable. Remain...

Author: Artur Rona
Revision Date: 2011-02-13 16:10:24 UTC

* Merge from debian unstable. Remaining changes: (LP: #718205)
  - d/libssl0.9.8.postinst:
    + Display a system restart required notification bubble
      on libssl0.9.8 upgrade.
    + Use a different priority for libssl0.9.8/restart-services
      depending on whether a desktop, or server dist-upgrade
      is being performed.
  - d/{libssl0.9.8-udeb.dirs, control, rules}: Create
    libssl0.9.8-udeb, for the benefit of wget-udeb (no wget-udeb
    package in Debian).
  - d/{libcrypto0.9.8-udeb.dirs, libssl0.9.8.dirs, libssl0.9.8.files,
    rules}: Move runtime libraries to /lib, for the benefit of wpasupplicant.
  - d/{control, openssl-doc.docs, openssl.docs, openssl.dirs}:
    + Ship documentation in openssl-doc, suggested by the package.
     (Closes: #470594)
  - d/p/aesni.patch: Backport Intel AES-NI support from
    http://rt.openssl.org/Ticket/Display.html?id=2067 (refreshed)
  - d/p/Bsymbolic-functions.patch: Link using -Bsymbolic-functions.
  - d/p/perlpath-quilt.patch: Don't change perl #! paths under .pc.
  - d/p/no-sslv2.patch: Disable SSLv2 to match NSS and GnuTLS.
    The protocol is unsafe and extremely deprecated. (Closes: #589706)
  - d/rules:
    + Disable SSLv2 during compile. (Closes: #589706)
    + Don't run 'make test' when cross-building.
    + Use host compiler when cross-building. Patch from Neil Williams.
      (Closes: #465248)
    + Don't build for processors no longer supported: i486, i586
      (on i386), v8 (on sparc).
    + Fix Makefile to properly clean up libs/ dirs in clean target.
      (Closes: #611667)
    + Replace duplicate files in the doc directory with symlinks.
* This upload fixed CVE: (LP: #718208)
  - CVE-2011-0014
lp:ubuntu/natty-security/openssl bug 2 Mature 2012-05-22 15:25:06 UTC
58. * SECURITY UPDATE: denial of service ...

Author: Steve Beattie
Revision Date: 2012-05-22 15:25:06 UTC

* SECURITY UPDATE: denial of service attack in DTLS implementation
  - debian/patches/CVE_2012-2333.patch: guard for integer overflow
    before skipping explicit IV
  - CVE-2012-2333
* SECURITY UPDATE: million message attack (MMA) in CMS and PKCS #7
  - debian/patches/CVE-2012-0884.patch: use a random key if RSA
    decryption fails to avoid leaking timing information
  - CVE-2012-0884
* debian/patches/CVE-2012-0884-extra.patch: detect symmetric crypto
  errors in PKCS7_decrypt and initialize tkeylen properly when
  encrypting CMS messages.
lp:ubuntu/natty-updates/openssl 2 Mature 2012-05-22 15:25:06 UTC
58. * SECURITY UPDATE: denial of service ...

Author: Steve Beattie
Revision Date: 2012-05-22 15:25:06 UTC

* SECURITY UPDATE: denial of service attack in DTLS implementation
  - debian/patches/CVE_2012-2333.patch: guard for integer overflow
    before skipping explicit IV
  - CVE-2012-2333
* SECURITY UPDATE: million message attack (MMA) in CMS and PKCS #7
  - debian/patches/CVE-2012-0884.patch: use a random key if RSA
    decryption fails to avoid leaking timing information
  - CVE-2012-0884
* debian/patches/CVE-2012-0884-extra.patch: detect symmetric crypto
  errors in PKCS7_decrypt and initialize tkeylen properly when
  encrypting CMS messages.
13 of 3 results FirstPreviousNextLast