ubuntu/+source/openssl:applied/ubuntu/wily-devel

Last commit made on 2016-05-03
Get this branch:
git clone -b applied/ubuntu/wily-devel https://git.launchpad.net/ubuntu/+source/openssl
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/wily-devel
Repository:
lp:ubuntu/+source/openssl

Recent commits

fdfb019... by Marc Deslauriers on 2016-04-28

Import patches-applied version 1.0.2d-0ubuntu1.5 to applied/ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: 8aaa181725e121c72f35b02f76e8d304454bc867
Unapplied parent: 37ad5bf7b61ff26171be3b29a673c6b3a54d2f8b

New changelog entries:
  * SECURITY UPDATE: EVP_EncodeUpdate overflow
    - debian/patches/CVE-2016-2105.patch: properly check lengths in
      crypto/evp/encode.c, add documentation to
      doc/crypto/EVP_EncodeInit.pod, doc/crypto/evp.pod.
    - CVE-2016-2105
  * SECURITY UPDATE: EVP_EncryptUpdate overflow
    - debian/patches/CVE-2016-2106.patch: fix overflow in
      crypto/evp/evp_enc.c.
    - CVE-2016-2106
  * SECURITY UPDATE: Padding oracle in AES-NI CBC MAC check
    - debian/patches/CVE-2016-2107.patch: check that there are enough
      padding characters in crypto/evp/e_aes_cbc_hmac_sha1.c,
      crypto/evp/e_aes_cbc_hmac_sha256.c.
    - CVE-2016-2107
  * SECURITY UPDATE: Memory corruption in the ASN.1 encoder
    - debian/patches/CVE-2016-2108.patch: fix ASN1_INTEGER handling in
      crypto/asn1/a_type.c, crypto/asn1/asn1.h, crypto/asn1/tasn_dec.c,
      crypto/asn1/tasn_enc.c.
    - CVE-2016-2108
  * SECURITY UPDATE: ASN.1 BIO excessive memory allocation
    - debian/patches/CVE-2016-2109.patch: properly handle large amounts of
      data in crypto/asn1/a_d2i_fp.c.
    - CVE-2016-2109
  * debian/patches/min_1024_dh_size.patch: change minimum DH size from 768
    to 1024.

37ad5bf... by Marc Deslauriers on 2016-04-28

[PATCH] Change minimum DH size from 768 to 1024

Gbp-Pq: min_1024_dh_size.patch.

57cd417... by Marc Deslauriers on 2016-04-28

[PATCH] Harden ASN.1 BIO handling of large amounts of data.

Gbp-Pq: CVE-2016-2109.patch.

eb4914f... by Marc Deslauriers on 2016-04-28

fix Memory corruption in the ASN.1 encoder

Gbp-Pq: CVE-2016-2108.patch.

11ab706... by Marc Deslauriers on 2016-04-28

[PATCH] Check that we have enough padding characters.

Gbp-Pq: CVE-2016-2107.patch.

faf83c9... by Marc Deslauriers on 2016-04-28

[PATCH] Fix encrypt overflow

Gbp-Pq: CVE-2016-2106.patch.

7a10a2c... by Marc Deslauriers on 2016-04-28

fix EVP_EncodeUpdate overflow

Gbp-Pq: CVE-2016-2105.patch.

67de23d... by Marc Deslauriers on 2016-04-28

fix side channel attack on modular exponentiation

Gbp-Pq: CVE-2016-0702.patch.

a69da51... by Marc Deslauriers on 2016-04-28

[PATCH] Fix BN_hex2bn/BN_dec2bn NULL ptr/heap corruption

Gbp-Pq: CVE-2016-0797.patch.

a78865b... by Marc Deslauriers on 2016-04-28

[PATCH] Fix memory issues in BIO_*printf functions

Gbp-Pq: CVE-2016-0799.patch.