ubuntu/+source/openssl:applied/ubuntu/utopic-proposed

Last commit made on 2014-10-16
Get this branch:
git clone -b applied/ubuntu/utopic-proposed https://git.launchpad.net/ubuntu/+source/openssl
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/utopic-proposed
Repository:
lp:ubuntu/+source/openssl

Recent commits

d03aff2... by Marc Deslauriers on 2014-10-16

Import patches-applied version 1.0.1f-1ubuntu9 to applied/ubuntu/utopic-proposed

Imported using git-ubuntu import.

Changelog parent: 2b748b591ca9fad14c65b1491b4bd8a1d15f3a1f
Unapplied parent: 98054e1810b57e54090d56553d244b6c6f550699

New changelog entries:
  * SECURITY UPDATE: denial of service via DTLS SRTP memory leak
    - debian/patches/CVE-2014-3513.patch: fix logic in ssl/d1_srtp.c,
      ssl/srtp.h, ssl/t1_lib.c, util/mk1mf.pl, util/mkdef.pl,
      util/ssleay.num.
    - CVE-2014-3513
  * SECURITY UPDATE: denial of service via session ticket integrity check
    memory leak
    - debian/patches/CVE-2014-3567.patch: perform cleanup in ssl/t1_lib.c.
    - CVE-2014-3567
  * SECURITY UPDATE: fix the no-ssl3 build option
    - debian/patches/CVE-2014-3568.patch: fix conditional code in
      ssl/s23_clnt.c, ssl/s23_srvr.c.
    - CVE-2014-3568
  * SECURITY IMPROVEMENT: Added TLS_FALLBACK_SCSV support to mitigate a
    protocol downgrade attack to SSLv3 that exposes the POODLE attack.
    - debian/patches/tls_fallback_scsv_support.patch: added support for
      TLS_FALLBACK_SCSV in apps/s_client.c, crypto/err/openssl.ec,
      ssl/d1_lib.c, ssl/dtls1.h, ssl/s23_clnt.c, ssl/s23_srvr.c,
      ssl/s2_lib.c, ssl/s3_enc.c, ssl/s3_lib.c, ssl/ssl.h, ssl/ssl3.h,
      ssl/ssl_err.c, ssl/ssl_lib.c, ssl/t1_enc.c, ssl/tls1.h,
      doc/apps/s_client.pod, doc/ssl/SSL_CTX_set_mode.pod.

98054e1... by Marc Deslauriers on 2014-10-16

[PATCH] Fix no-ssl3 configuration option

Gbp-Pq: CVE-2014-3568.patch.

27ba552... by Marc Deslauriers on 2014-10-16

[PATCH] Fix for session tickets memory leak.

Gbp-Pq: CVE-2014-3567.patch.

6e29eb8... by Marc Deslauriers on 2014-10-16

fix denial of service via DTLS SRTP memory leak

Gbp-Pq: CVE-2014-3513.patch.

7a42dbb... by Marc Deslauriers on 2014-10-16

Added TLS_FALLBACK_SCSV support

Gbp-Pq: tls_fallback_scsv_support.patch.

5c11e3b... by Marc Deslauriers on 2014-10-16

Collected POWER8 optimisations

Gbp-Pq: power8-optimisations.patch.

735ec93... by Marc Deslauriers on 2014-10-16

fix crash with SRP ciphersuite in Server Hello message

Gbp-Pq: CVE-2014-5139.patch.

9acae3f... by Marc Deslauriers on 2014-10-16

[PATCH] Fix SRP buffer overrun vulnerability.

Gbp-Pq: CVE-2014-3512.patch.

fd6b234... by Marc Deslauriers on 2014-10-16

[PATCH] Fix protocol downgrade bug in case of fragmented packets

Gbp-Pq: CVE-2014-3511.patch.

4ee3f49... by Marc Deslauriers on 2014-10-16

[PATCH] Fix DTLS anonymous EC(DH) denial of service

Gbp-Pq: CVE-2014-3510.patch.