ubuntu/+source/openssl:applied/ubuntu/karmic-security

Last commit made on 2010-12-08
Get this branch:
git clone -b applied/ubuntu/karmic-security https://git.launchpad.net/ubuntu/+source/openssl

Branch information

Name: applied/ubuntu/karmic-security
Repository: lp:ubuntu/+source/openssl

Recent commits

cb0e564... by Steve Beattie on 2010-12-03

Import patches-applied version 0.9.8g-16ubuntu3.5 to applied/ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 35c68f28bab8455f0ba58dff62316c97c5ffaa50
Unapplied parent: a7cca11c6dc9d8ea80371873453079af37f009c6

New changelog entries:
  * SECURITY UPDATE: ciphersuite downgrade vulnerability
    - ssl/s3_clnt.c, ssl/s3_srvr.c: disable workaround for Netscape
      cipher suite bug
    - http://openssl.org/news/secadv_20101202.txt
    - CVE-2010-4180

a7cca11... by Steve Beattie on 2010-12-03

Import patches-unapplied version 0.9.8g-16ubuntu3.5 to ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 89bf41a8b985003742de05bf1a027ac45cbde2aa

New changelog entries:
  * SECURITY UPDATE: ciphersuite downgrade vulnerability
    - ssl/s3_clnt.c, ssl/s3_srvr.c: disable workaround for Netscape
      cipher suite bug
    - http://openssl.org/news/secadv_20101202.txt
    - CVE-2010-4180

35c68f2... by Steve Beattie on 2010-11-17

Import patches-applied version 0.9.8g-16ubuntu3.4 to applied/ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 12434ed93c4d9ad51a7f4b884e7ec8130cde08d4
Unapplied parent: 89bf41a8b985003742de05bf1a027ac45cbde2aa

New changelog entries:
  * SECURITY UPDATE: TLS race condition leading to a buffer overflow and
    possible code execution. (LP: #676243)
    - ssl/t1_lib.c: stricter NULL/not-NULL checking
    - http://openssl.org/news/secadv_20101116.txt
    - CVE-2010-3864

89bf41a... by Steve Beattie on 2010-11-17

Import patches-unapplied version 0.9.8g-16ubuntu3.4 to ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 1f4616226b9f0cfc8d1f41d9f12f084e5a1d1c86

New changelog entries:
  * SECURITY UPDATE: TLS race condition leading to a buffer overflow and
    possible code execution. (LP: #676243)
    - ssl/t1_lib.c: stricter NULL/not-NULL checking
    - http://openssl.org/news/secadv_20101116.txt
    - CVE-2010-3864

12434ed... by Marc Deslauriers on 2010-10-06

Import patches-applied version 0.9.8g-16ubuntu3.3 to applied/ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: d66a4359e9845f6411f872a22bf0db12ab42cee4
Unapplied parent: 1f4616226b9f0cfc8d1f41d9f12f084e5a1d1c86

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    unchecked bn_wexpand return values. (LP: #655884)
    - crypto/bn/{bn_mul,bn_div,bn_gf2m}.c, crypto/ec/ec2_smpl.c,
      engines/e_ubsec.c: check return values.
    - http://cvs.openssl.org/chngview?cn=18936
    - http://cvs.openssl.org/chngview?cn=19309
    - CVE-2009-3245
  * SECURITY UPDATE: denial of service and possible code execution via
    crafted private key with an invalid prime.
    - ssl/s3_clnt.c: set bn_ctx to NULL after freeing it.
    - http://<email address hidden>/msg28049.html
    - CVE-2010-2939

1f46162... by Marc Deslauriers on 2010-10-06

Import patches-unapplied version 0.9.8g-16ubuntu3.3 to ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: cb34ed53bc8003353d30ab3e13fde86a59e3b366

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    unchecked bn_wexpand return values. (LP: #655884)
    - crypto/bn/{bn_mul,bn_div,bn_gf2m}.c, crypto/ec/ec2_smpl.c,
      engines/e_ubsec.c: check return values.
    - http://cvs.openssl.org/chngview?cn=18936
    - http://cvs.openssl.org/chngview?cn=19309
    - CVE-2009-3245
  * SECURITY UPDATE: denial of service and possible code execution via
    crafted private key with an invalid prime.
    - ssl/s3_clnt.c: set bn_ctx to NULL after freeing it.
    - http://<email address hidden>/msg28049.html
    - CVE-2010-2939

d66a435... by Marc Deslauriers on 2010-08-12

Import patches-applied version 0.9.8g-16ubuntu3.2 to applied/ubuntu/karmic-proposed

Imported using git-ubuntu import.

Changelog parent: c31ac88c574b9bc827c3926124f4179a0d8274ad
Unapplied parent: cb34ed53bc8003353d30ab3e13fde86a59e3b366

New changelog entries:
  * SECURITY UPDATE: TLS renegotiation flaw (LP: #616759)
    - apps/{s_cb,s_client,s_server}.c, doc/ssl/SSL_CTX_set_options.pod,
      ssl/{d1_both,d1_clnt,d1_srvr,s3_both,s3_clnt,s3_pkt,s3_srvr,ssl_err,
      ssl_lib,t1_lib,t1_reneg}.c, ssl/Makefile, ssl/{ssl3,ssl,ssl_locl,
      tls1}.h: backport rfc5746 support from openssl 0.9.8m.
    - CVE-2009-3555

cb34ed5... by Marc Deslauriers on 2010-08-12

Import patches-unapplied version 0.9.8g-16ubuntu3.2 to ubuntu/karmic-proposed

Imported using git-ubuntu import.

Changelog parent: ba18c86ffa81a88489864cd8b8528bca6d6d8e94

New changelog entries:
  * SECURITY UPDATE: TLS renegotiation flaw (LP: #616759)
    - apps/{s_cb,s_client,s_server}.c, doc/ssl/SSL_CTX_set_options.pod,
      ssl/{d1_both,d1_clnt,d1_srvr,s3_both,s3_clnt,s3_pkt,s3_srvr,ssl_err,
      ssl_lib,t1_lib,t1_reneg}.c, ssl/Makefile, ssl/{ssl3,ssl,ssl_locl,
      tls1}.h: backport rfc5746 support from openssl 0.9.8m.
    - CVE-2009-3555

c31ac88... by Kees Cook on 2010-01-13

Import patches-applied version 0.9.8g-16ubuntu3.1 to applied/ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: d9cb4fc60e86ffc03de4d3f3b7a4347820879722
Unapplied parent: ba18c86ffa81a88489864cd8b8528bca6d6d8e94

New changelog entries:
  * SECURITY UPDATE: memory leak possible during state clean-up.
    - crypto/comp/c_zlib.c: upstream fixes applied inline.
    - CVE-2009-4355

ba18c86... by Kees Cook on 2010-01-13

Import patches-unapplied version 0.9.8g-16ubuntu3.1 to ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 74bf0e923090036ed0bf6da4f7e0e0d625e8aa6f

New changelog entries:
  * SECURITY UPDATE: memory leak possible during state clean-up.
    - crypto/comp/c_zlib.c: upstream fixes applied inline.
    - CVE-2009-4355