← Back to branch summary

~ubuntu-security/ubuntu-cve-tracker/master

« back to all changes in this revision

Viewing changes to active/CVE-2014-3510

  • Committer: Steve Beattie
  • Date: 2019-02-19 06:18:27 UTC
  • Revision ID: sbeattie@ubuntu.com-20190219061827-oh57fzcfc1u9dlfk
The ubuntu-cve-tracker project has been converted to git.

Please use 'git clone https://git.launchpad.net/ubuntu-cve-tracker' to
get the converted tree.

Show diffs side-by-side

added added

removed removed

Lines of Context:
active/CVE-2014-3510
1
 
PublicDateAtUSN: 2014-08-07
2
 
Candidate: CVE-2014-3510
3
 
PublicDate: 2014-08-13
4
 
References: 
5
 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510
6
 
 https://www.openssl.org/news/secadv_20140806.txt
7
 
 https://usn.ubuntu.com/usn/usn-2308-1
8
 
Description:
9
 
 The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL 0.9.8
10
 
 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote
11
 
 DTLS servers to cause a denial of service (NULL pointer dereference and
12
 
 client application crash) via a crafted handshake message in conjunction
13
 
 with a (1) anonymous DH or (2) anonymous ECDH ciphersuite.
14
 
Ubuntu-Description: 
15
 
Notes: 
16
 
Bugs: 
17
 
Priority: medium
18
 
Discovered-by: Felix Gröbert
19
 
Assigned-to: mdeslaur
20
 
 
21
 
Patches_openssl:
22
 
 upstream: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=88ae012c8092852f03c50f6461175271104b4c8a (1.0.1)
23
 
 upstream: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=bff5319d9038765f864ef06e2e3c766f5c01dbd7 (0.9.8)
24
 
upstream_openssl: released (0.9.8zb,1.0.1i)
25
 
lucid_openssl: released (0.9.8k-7ubuntu8.20)
26
 
precise_openssl: released (1.0.1-4ubuntu5.17)
27
 
precise/esm_openssl: released (1.0.1-4ubuntu5.17)
28
 
trusty_openssl: released (1.0.1f-1ubuntu2.5)
29
 
utopic_openssl: released (1.0.1f-1ubuntu7)
30
 
vivid_openssl: released (1.0.1f-1ubuntu7)
31
 
vivid/stable-phone-overlay_openssl: released (1.0.1f-1ubuntu7)
32
 
vivid/ubuntu-core_openssl: released (1.0.1f-1ubuntu7)
33
 
wily_openssl: released (1.0.1f-1ubuntu7)
34
 
xenial_openssl: released (1.0.1f-1ubuntu7)
35
 
yakkety_openssl: released (1.0.1f-1ubuntu7)
36
 
zesty_openssl: released (1.0.1f-1ubuntu7)
37
 
artful_openssl: released (1.0.1f-1ubuntu7)
38
 
bionic_openssl: released (1.0.1f-1ubuntu7)
39
 
devel_openssl: released (1.0.1f-1ubuntu7)
40
 
 
41
 
Patches_openssl098:
42
 
upstream_openssl098: released (0.9.8zb)
43
 
lucid_openssl098: DNE
44
 
precise_openssl098: ignored (reached end-of-life)
45
 
precise/esm_openssl098: DNE (precise was needed)
46
 
trusty_openssl098: needed
47
 
utopic_openssl098: ignored (reached end-of-life)
48
 
vivid_openssl098: ignored (reached end-of-life)
49
 
vivid/stable-phone-overlay_openssl098: DNE
50
 
vivid/ubuntu-core_openssl098: DNE
51
 
wily_openssl098: DNE
52
 
xenial_openssl098: DNE
53
 
yakkety_openssl098: DNE
54
 
zesty_openssl098: DNE
55
 
artful_openssl098: DNE
56
 
bionic_openssl098: DNE
57
 
devel_openssl098: DNE