Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/maverick/openssl
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Ubuntu branches
Review team:
Ubuntu Development Team

Recent revisions

48. By Colin Watson

releasing version 0.9.8o-1ubuntu4

47. By Colin Watson

Update AES-NI patch to openssl-0.9.8-aesni-modes-perlasm-win32-v4.patch
from http://rt.openssl.org/Ticket/Display.html?id=2067, fixing segfault
on engine initialisation (LP: #590639).

46. By Kees Cook

debian/patches/no-sslv2.patch: disable SSLv2 to match NSS and GnuTLS.
The protocol is unsafe and extremely deprecated. (Debian bug 589706)

45. By Matthias Klose

* Don't build anymore for processors not supported anymore in maverick:
  - i486, i586 (on i386).
  - v8 (on sparc).

44. By Marc Deslauriers

* Merge from debian unstable, remaining changes (LP: #581167):
  - debian/patches/Bsymbolic-functions.patch: Link using
  - Ship documentation in openssl-doc, suggested by the package.
  - Use a different priority for libssl0.9.8/restart-services
    depending on whether a desktop, or server dist-upgrade is being
  - Display a system restart required notification bubble on libssl0.9.8
  - Replace duplicate files in the doc directory with symlinks.
  - Move runtime libraries to /lib, for the benefit of wpasupplicant
  - Use host compiler when cross-building (patch from Neil Williams in
    Debian #465248).
  - Don't run 'make test' when cross-building.
  - Create libssl0.9.8-udeb, for the benefit of wget-udeb (LP: #503339).
  - debian/patches/aesni.patch: Backport Intel AES-NI support from
    http://rt.openssl.org/Ticket/Display.html?id=2067 (LP: #485518).
  - debian/patches/perlpath-quilt.patch: Don't change perl #! paths
    under .pc.
* Dropped patches, now upstream:
  - debian/patches/CVE-2009-3245.patch
  - debian/patches/CVE-2010-0740.patch
  - debian/patches/dtls-compatibility.patch
  - debian/patches/CVE-2009-4355.patch
* Dropped "Add support for lpia".
* Dropped "Disable SSLv2 during compile" as this had never actually
  disabled SSLv2.
* Don't disable CVE-2009-3555.patch for Maverick.

43. By Marc Deslauriers

* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via unchecked return values
  - debian/patches/CVE-2009-3245.patch: check bn_wexpand return value in
    crypto/bn/{bn_div.c,bn_gf2m.c,bn_mul.c}, crypto/ec/ec2_smpl.c,
  - CVE-2009-3245
* SECURITY UPDATE: denial of service via "record of death"
  - debian/patches/CVE-2010-0740.patch: only send back minor version
    number in ssl/s3_pkt.c.
  - CVE-2010-0740

42. By Marc Deslauriers

debian/patches/dtls-compatibility.patch: backport dtls compatibility
code from 0.9.8m to fix interopability. (LP: #516318)

41. By Colin Watson

* Backport Intel AES-NI support from
  http://rt.openssl.org/Ticket/Display.html?id=2067 (LP: #485518).
* Don't change perl #! paths under .pc.

40. By Kees Cook

* SECURITY UPDATE: memory leak possible during state clean-up.
  - Add CVE-2009-4355.patch, upstream fixes thanks to Debian.

39. By Colin Watson

releasing version 0.9.8k-7ubuntu4

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
This branch contains Public information 
Everyone can see this information.