ubuntu/+source/openssl:ubuntu/bionic-updates

Last commit made on 2019-11-18
Get this branch:
git clone -b ubuntu/bionic-updates https://git.launchpad.net/ubuntu/+source/openssl
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/bionic-updates
Repository:
lp:ubuntu/+source/openssl

Recent commits

b4b0e16... by Marc Deslauriers on 2019-11-12

Import patches-unapplied version 1.1.1-1ubuntu2.1~18.04.5 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: 24e5836d660d3f31ce0bef9ef5996b9747d15e5a

New changelog entries:
  * debian/patches/OPENSSL_malloc_init_hang.patch: make
    OPENSSL_malloc_init() a no-op to remove a potential infinite loop that
    can occur in some situations, such as with MySQL 5.7 on s390x.

24e5836... by Dimitri John Ledkov on 2019-06-20

Import patches-unapplied version 1.1.1-1ubuntu2.1~18.04.4 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 13142118e9e4c2c67389b0bc29ffe4c7f74dd3d7

New changelog entries:
  * Import libraries/restart-without-asking as used in postinst, to
    prevent failure to configure the package without debconf database.
    LP: #1832919

1314211... by Dimitri John Ledkov on 2019-06-14

Import patches-unapplied version 1.1.1-1ubuntu2.1~18.04.3 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 783a1f8c6e756eb395025d4bc37a2d046369349b

New changelog entries:
  * Fix path to Xorg for reboot notifications on desktop. LP: #1832421
  * Cherrypick upstream fix to allow succesful init of libssl and
    libcrypto using separate calls with different options. LP: #1832659

783a1f8... by Dimitri John Ledkov on 2019-06-11

Import patches-unapplied version 1.1.1-1ubuntu2.1~18.04.2 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 36486efbb8b4f1e7d159d34434122270c6ebfc30

New changelog entries:
  * Cherrypick upstream patch to fix ca -spkac output to be text again.
    LP: #1828215
  * Cherrypick upstream patch to prevent over long nonces in ChaCha20-Poly1305
    CVE-2019-1543
  * Bump major version of OpenSSL in postinst to trigger services restart
    upon upgrade. Many services listed there must be restarted when
    upgrading 1.1.0 to 1.1.1. LP: #1832522

36486ef... by Dimitri John Ledkov on 2018-12-13

Import patches-unapplied version 1.1.1-1ubuntu2.1~18.04.1 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: e4e0ca1bb18e57540c09dd74fc390d483ac61cc1

New changelog entries:
  * Backport OpenSSL 1.1.1 to 18.04 LTS. LP: #1797386
  * Adjust Breaks on versions published in bionic-release.

e4e0ca1... by Marc Deslauriers on 2018-12-04

Import patches-unapplied version 1.1.1-1ubuntu2.1 to ubuntu/cosmic-security

Imported using git-ubuntu import.

Changelog parent: 5c27691e1b200dee6ee3530b9b2d499d0cc8092c

New changelog entries:
  * SECURITY UPDATE: timing side channel attack in DSA
    - debian/patches/CVE-2018-0734-1.patch: fix mod inverse in
      crypto/dsa/dsa_ossl.c.
    - debian/patches/CVE-2018-0734-2.patch: fix timing vulnerability in
      crypto/dsa/dsa_ossl.c.
    - debian/patches/CVE-2018-0734-3.patch: add a constant time flag in
      crypto/dsa/dsa_ossl.c.
    - CVE-2018-0734
  * SECURITY UPDATE: timing side channel attack in ECDSA
    - debian/patches/CVE-2018-0735.patch: fix timing vulberability in
      crypto/ec/ec_mult.c.
    - CVE-2018-0735

5c27691... by Dimitri John Ledkov on 2018-09-25

Import patches-unapplied version 1.1.1-1ubuntu2 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: c95f92275d7e52006b9b2f41c5cb7071184ab2ff

New changelog entries:
  * Fixup typpos in the autopkgtest binary name.

c95f922... by Dimitri John Ledkov on 2018-09-17

Import patches-unapplied version 1.1.1-1ubuntu1 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: ec7b59aab88eec3d1da0e1dc81d7daa16ca50623

New changelog entries:
  * Merge from Debian unstable, remaining changes:
    - Replace duplicate files in the doc directory with symlinks.
    - debian/libssl1.1.postinst:
      + Display a system restart required notification on libssl1.1
        upgrade on servers.
      + Use a different priority for libssl1.1/restart-services depending
        on whether a desktop, or server dist-upgrade is being performed.
    - Revert "Enable system default config to enforce TLS1.2 as a
      minimum" & "Increase default security level from 1 to 2".
    - Further decrease security level from 1 to 0, for compatibility with
      openssl 1.0.2.

ec7b59a... by Sebastian Andrzej Siewior <email address hidden> on 2018-09-12

Import patches-unapplied version 1.1.1-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 2c0e822beb69b78e1307fba20a505c5a5953f09e

New changelog entries:
  * New upstream version.
   - Update symbol file for 1.1.1
   - CVE-2018-0732 (actually since pre8).
  * Add Breaks on python-httplib2 (Addresses: #907015)
  * Add hardening=+all.
  * Update to policy 4.2.1
    - Less verbose testsuite with terse
    - Use RRR=no

2c0e822... by Kurt Roeckx on 2018-08-21

Import patches-unapplied version 1.1.1~~pre9-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: ad855d8f10d1a5349b86c641ffe236be1e5a8ae3

New changelog entries:
  * New upstream version.
    - Support the final TLS 1.3 version (RFC 8446)
  * Upload to unstable