lp:~nvalcarcel/ubuntu/maverick/openssl/openssl-merge
- Get this branch:
- bzr branch lp:~nvalcarcel/ubuntu/maverick/openssl/openssl-merge
Branch merges
Related bugs
Bug #581167: Please merge openssl 0.9.8n-1 into ubuntu | Undecided | Fix Released |
Related blueprints
Branch information
- Owner:
- Nicolas Valcarcel
- Status:
- Development
Recent revisions
- 44. By Nicolas Valcarcel
-
* Merge from debian unstable, remaining changes (LP: #493392):
- Link using -Bsymbolic-functions
- Add support for lpia
- Disable SSLv2 during compile
- Ship documentation in openssl-doc, suggested by the package.
- Use a different priority for libssl0.9.8/restart- services
depending on whether a desktop, or server dist-upgrade is being
performed.
- Display a system restart required notification bubble on libssl0.9.8
upgrade.
- Replace duplicate files in the doc directory with symlinks.
- Move runtime libraries to /lib, for the benefit of wpasupplicant
- Use host compiler when cross-building
- Don't run 'make test' when cross-building.
- Create libssl0.9.8-udeb, for the benefit of wget-udeb
* New upstream version.
- Fixes CVE-2010-0740.
- Drop cfb.patch, applied upstream.
* Revert CFB block length change preventing reading older files.
(Closes: #571810, #571940)
* New upstream version
- Implements RFC5746, reenables renegotiation but requires the extension.
- Fixes CVE-2009-3245
- Drop patches CVE-2009-4355.patch, CVE-2009- 1378.patch,
CVE-2009-1377. patch, CVE-2009- 1379.patch, CVE-2009- 3555.patch,
CVE-2009-2409. patch, CVE-2009- 1387.patch, tls_ext_v3.patch,
no_check_self_ signed. patch: applied upstream
- pk7_mime_free.patch removed, code rewritten
- ca.diff partially applied upstream
- engines-path.patch adjusted, upstream made some minor changes to the
build system.
- some flags changed values, bump shlibs.
* Switch to 3.0 (quilt) source package.
* Make sure the package is properly cleaned.
* Add ${misc:Depends} to the Depends on all packages.
* Fix spelling of extension in the changelog file.
* Clean up zlib state so that it will be reinitialized on next use and
not cause a memory leak. (CVE-2009-4355, CVE-2008-1678)
* Don't add extensions to ssl v3 connections. It breaks with some
* CA.sh should use the v3_ca extension when called with -newca - 43. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service and possible arbitrary code
execution via unchecked return values
- debian/patches/ CVE-2009- 3245.patch: check bn_wexpand return value in
crypto/bn/{bn_ div.c,bn_ gf2m.c, bn_mul. c}, crypto/ ec/ec2_ smpl.c,
engines/e_ubsec. c.
- CVE-2009-3245
* SECURITY UPDATE: denial of service via "record of death"
- debian/patches/ CVE-2010- 0740.patch: only send back minor version
number in ssl/s3_pkt.c.
- CVE-2010-0740 - 42. By Marc Deslauriers
-
debian/
patches/ dtls-compatibil ity.patch: backport dtls compatibility
code from 0.9.8m to fix interopability. (LP: #516318) - 41. By Colin Watson
-
* Backport Intel AES-NI support from
http://rt.openssl. org/Ticket/ Display. html?id= 2067 (LP: #485518).
* Don't change perl #! paths under .pc.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/maverick/openssl