Viewing all changes in revision 48.
- Committer: Bazaar Package Importer
- Date: 2011-02-09 16:47:44 UTC
- Revision ID: james.westby@ubuntu.com-20110209164744-al408f4rnr42m62v
* SECURITY UPDATE: OCSP stapling vulnerability
- debian/patched/openssl-CVE-2011-0014-secadv_20110208.patch:
stricter parsing of ClientHello message in ssl/t1_lib.c
- CVE-2011-0014
* Forward TLS version interop patch
- debian/patches/openssl-forward-interop.patch
- Handle TLS versions 2.0 and later properly and correctly use
the highest version of TLS/SSL supported. Although TLS >=
2.0 is some way off ancient servers have a habit of sticking
around for a while...
[Steve Henson]
- debian/patched/openssl-CVE-2011-0014-secadv_20110208.patch:
stricter parsing of ClientHello message in ssl/t1_lib.c
- CVE-2011-0014
* Forward TLS version interop patch
- debian/patches/openssl-forward-interop.patch
- Handle TLS versions 2.0 and later properly and correctly use
the highest version of TLS/SSL supported. Although TLS >=
2.0 is some way off ancient servers have a habit of sticking
around for a while...
[Steve Henson]
expand all
collapse all
added
removed
