ubuntu/+source/openssl:applied/ubuntu/edgy-devel

Last commit made on 2007-10-22
Get this branch:
git clone -b applied/ubuntu/edgy-devel https://git.launchpad.net/ubuntu/+source/openssl
Members of Ubuntu Server Dev import team can upload to this branch.

Branch information

Name: applied/ubuntu/edgy-devel
Repository: lp:ubuntu/+source/openssl

Recent commits

92a81f1... by Kees Cook on 2007-10-19

Import patches-applied version 0.9.8b-2ubuntu2.2 to applied/ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: 773cbf8028c5f66061dad0beace27e954205344d
Unapplied parent: 526933118af459e8daaf655e0511c29f8c9a23bd

New changelog entries:
  * SECURITY UPDATE: DTLS implementation can lead to remote code execution.
  * ssl/{ssl_err,d1_both}.c, ssl/{dtls1,ssl}.h: patched inline with upstream
    fixes backported thanks to Ludwig Nussel.
  * References
    http://www.openssl.org/news/secadv_20071012.txt
    CVE-2007-4995

5269331... by Kees Cook on 2007-10-19

Import patches-unapplied version 0.9.8b-2ubuntu2.2 to ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: b694aa77a81e3dbd86c840e10494ae8e66bb8845

New changelog entries:
  * SECURITY UPDATE: DTLS implementation can lead to remote code execution.
  * ssl/{ssl_err,d1_both}.c, ssl/{dtls1,ssl}.h: patched inline with upstream
    fixes backported thanks to Ludwig Nussel.
  * References
    http://www.openssl.org/news/secadv_20071012.txt
    CVE-2007-4995

773cbf8... by Kees Cook on 2007-09-28

Import patches-applied version 0.9.8b-2ubuntu2.1 to applied/ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: 9740c4712f7b4887281e5e509b75577fb6a966fa
Unapplied parent: b694aa77a81e3dbd86c840e10494ae8e66bb8845

New changelog entries:
  [ Jamie Strandboge ]
  * SECURITY UPDATE: off-by-one error in SSL_get_shared_ciphers() results in
    buffer overflow
  * ssl/ssl_lib.c: applied upstream patch from openssl CVS thanks to
    Stephan Hermann
  * References:
    CVE-2007-5135
    http://www.securityfocus.com/archive/1/archive/1/480855/100/0/threaded
    Fixes LP: #146269
  [ Kees Cook ]
  * SECURITY UPDATE: side-channel attacks via BN_from_montgomery function.
  * crypto/bn/bn_mont.c: upstream patch from openssl CVS thanks to Debian.
  * References
    CVE-2007-3108

b694aa7... by Kees Cook on 2007-09-28

Import patches-unapplied version 0.9.8b-2ubuntu2.1 to ubuntu/edgy-security

Imported using git-ubuntu import.

Changelog parent: c2a591602a7725d3b7e2e924263ca510d4e2ced8

New changelog entries:
  [ Jamie Strandboge ]
  * SECURITY UPDATE: off-by-one error in SSL_get_shared_ciphers() results in
    buffer overflow
  * ssl/ssl_lib.c: applied upstream patch from openssl CVS thanks to
    Stephan Hermann
  * References:
    CVE-2007-5135
    http://www.securityfocus.com/archive/1/archive/1/480855/100/0/threaded
    Fixes LP: #146269
  [ Kees Cook ]
  * SECURITY UPDATE: side-channel attacks via BN_from_montgomery function.
  * crypto/bn/bn_mont.c: upstream patch from openssl CVS thanks to Debian.
  * References
    CVE-2007-3108

9740c47... by Martin Pitt on 2006-09-27

Import patches-applied version 0.9.8b-2ubuntu2 to applied/ubuntu/edgy

Imported using git-ubuntu import.

Changelog parent: 99182c91cf6868ea558cdf95fdea67fc4ff1f880
Unapplied parent: c2a591602a7725d3b7e2e924263ca510d4e2ced8

New changelog entries:
  * SECURITY UPDATE: Remote arbitrary code execution, remote DoS.
  * crypto/asn1/tasn_dec.c, asn1_d2i_ex_primitive(): Initialize 'ret' to avoid
    an infinite loop in some circumstances. [CVE-2006-2937]
  * ssl/ssl_lib.c, SSL_get_shared_ciphers(): Fix len comparison to correctly
    handle invalid long cipher list strings. [CVE-2006-3738]
  * ssl/s2_clnt.c, get_server_hello(): Check for NULL session certificate to
    avoid client crash with malicious server responses. [CVE-2006-4343]
  * Certain types of public key could take disproportionate amounts of time to
    process. Apply patch from Bodo Moeller to impose limits to public key type
    values (similar to Mozilla's libnss). Fixes CPU usage/memory DoS. [CVE-2006-2940]
  * Updated patch in previous package version to fix a few corner-case
    regressions. (This reverts the changes to rsa_eay.c/rsa.h/rsa_err.c, which
    were determined to not be necessary).

c2a5916... by Martin Pitt on 2006-09-27

Import patches-unapplied version 0.9.8b-2ubuntu2 to ubuntu/edgy

Imported using git-ubuntu import.

Changelog parent: cfbe33d02b2140df9d76b6d7e8a8825f9863004e

New changelog entries:
  * SECURITY UPDATE: Remote arbitrary code execution, remote DoS.
  * crypto/asn1/tasn_dec.c, asn1_d2i_ex_primitive(): Initialize 'ret' to avoid
    an infinite loop in some circumstances. [CVE-2006-2937]
  * ssl/ssl_lib.c, SSL_get_shared_ciphers(): Fix len comparison to correctly
    handle invalid long cipher list strings. [CVE-2006-3738]
  * ssl/s2_clnt.c, get_server_hello(): Check for NULL session certificate to
    avoid client crash with malicious server responses. [CVE-2006-4343]
  * Certain types of public key could take disproportionate amounts of time to
    process. Apply patch from Bodo Moeller to impose limits to public key type
    values (similar to Mozilla's libnss). Fixes CPU usage/memory DoS. [CVE-2006-2940]
  * Updated patch in previous package version to fix a few corner-case
    regressions. (This reverts the changes to rsa_eay.c/rsa.h/rsa_err.c, which
    were determined to not be necessary).

99182c9... by Martin Pitt on 2006-09-05

Import patches-applied version 0.9.8b-2ubuntu1 to applied/ubuntu/edgy

Imported using git-ubuntu import.

Changelog parent: 492f751086fd9df6c9d9f700c85834a35521f6be
Unapplied parent: cfbe33d02b2140df9d76b6d7e8a8825f9863004e

New changelog entries:
  * SECURITY UPDATE: signature forgery in some cases.
  * Apply http://www.openssl.org/news/patch-CVE-2006-4339.txt:
    - Check excessive data in padding of PKCS #1 v1.5 signatures to prevent
      applications from incorrectly verifying the certificate.
  * References:
    CVE-2006-4339
    http://www.openssl.org/news/secadv_20060905.txt

cfbe33d... by Martin Pitt on 2006-09-05

Import patches-unapplied version 0.9.8b-2ubuntu1 to ubuntu/edgy

Imported using git-ubuntu import.

Changelog parent: 8191a6416381cc66efbd303b090cc1fd079fe3f4

New changelog entries:
  * SECURITY UPDATE: signature forgery in some cases.
  * Apply http://www.openssl.org/news/patch-CVE-2006-4339.txt:
    - Check excessive data in padding of PKCS #1 v1.5 signatures to prevent
      applications from incorrectly verifying the certificate.
  * References:
    CVE-2006-4339
    http://www.openssl.org/news/secadv_20060905.txt

492f751... by Colin Watson on 2006-07-31

Import patches-applied version 0.9.8b-2build1 to applied/ubuntu/edgy

Imported using git-ubuntu import.

Changelog parent: 80e8821d8f00c19d564893c687005d3d0b5a958b
Unapplied parent: 8191a6416381cc66efbd303b090cc1fd079fe3f4

New changelog entries:
  * Rebuild with current zlib1g-dev to fix udeb shlibdeps.

8191a64... by Colin Watson on 2006-07-31

Import patches-unapplied version 0.9.8b-2build1 to ubuntu/edgy

Imported using git-ubuntu import.

Changelog parent: 365a564ba4f195916b6830f8367ef4f892a770ec

New changelog entries:
  * Rebuild with current zlib1g-dev to fix udeb shlibdeps.