ubuntu/+source/openssl:applied/ubuntu/zesty-security

Last commit made on 2017-12-11
Get this branch:
git clone -b applied/ubuntu/zesty-security https://git.launchpad.net/ubuntu/+source/openssl
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/zesty-security
Repository:
lp:ubuntu/+source/openssl

Recent commits

44218be... by Marc Deslauriers on 2017-12-07

Import patches-applied version 1.0.2g-1ubuntu11.4 to applied/ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: cb19a38dca54f5678288c3fbbfebde45c9ea723c
Unapplied parent: 6de8b0ba0f530e92a56b9fbf650b28a214c6b299

New changelog entries:
  * SECURITY UPDATE: Read/write after SSL object in error state
    - debian/patches/CVE-2017-3737-pre.patch: add test/ssltestlib.*,
      add to test/Makefile.
    - debian/patches/CVE-2017-3737-1.patch: don't allow read/write after
      fatal error in ssl/ssl.h.
    - debian/patches/CVE-2017-3737-2.patch: add test to ssl/Makefile,
      ssl/fatalerrtest.c, test/Makefile.
    - CVE-2017-3737
  * SECURITY UPDATE: rsaz_1024_mul_avx2 overflow bug on x86_64
    - debian/patches/CVE-2017-3738.patch: fix digit correction bug in
      crypto/bn/asm/rsaz-avx2.pl.
    - CVE-2017-3738

6de8b0b... by Marc Deslauriers on 2017-12-07

[PATCH] bn/asm/rsaz-avx2.pl: fix digit correction bug in

Gbp-Pq: CVE-2017-3738.patch.

a5f4656... by Marc Deslauriers on 2017-12-07

[PATCH] Add a test for CVE-2017-3737

Gbp-Pq: CVE-2017-3737-2.patch.

b96c294... by Marc Deslauriers on 2017-12-07

[PATCH] Don't allow read/write after fatal error

Gbp-Pq: CVE-2017-3737-1.patch.

42bf399... by Marc Deslauriers on 2017-12-07

[PATCH] Back port ssltestlib code to 1.0.2

Gbp-Pq: CVE-2017-3737-pre.patch.

4b2f32e... by Marc Deslauriers on 2017-12-07

[PATCH] bn/asm/x86_64-mont5.pl: fix carry bug in bn_sqrx8x_internal.

Gbp-Pq: CVE-2017-3736.patch.

aff0256... by Marc Deslauriers on 2017-12-07

[PATCH] Avoid out-of-bounds read

Gbp-Pq: CVE-2017-3735.patch.

2d8ba3e... by Marc Deslauriers on 2017-12-07

fix IV handling in SHAEXT paths.

Gbp-Pq: fix-sha-ni.patch.

626d3d6... by Marc Deslauriers on 2017-12-07

Extended feature flags were not pulled on AMD processors, as result a number of extensions were effectively masked on AMD Ryzen CPU.

Gbp-Pq: move-extended-feature-detection.patch.

6cb9b81... by Marc Deslauriers on 2017-12-07

[PATCH] bn/asm/x86_64-mont5.pl: fix carry bug in bn_sqr8x_internal.

Gbp-Pq: CVE-2017-3732.patch.