61
|
|
|
Marc Deslauriers |
0.9.8k-7ubuntu8.27 |
9 years ago
|
|
|
60
|
|
* SECURITY UPDATE: denial of service via unexpected handshake when no-ssl3 build option is used (not the default) - debian/patches/CVE-2014-3569.patch: keep the old method for now in ssl/s23_srvr.c. - CVE-2014-3569 * SECURITY UPDATE: bignum squaring may produce incorrect results - debian/patches/CVE-2014-3570.patch: fix bignum logic in crypto/bn/asm/mips3.s, crypto/bn/asm/x86_64-gcc.c, crypto/bn/bn_asm.c, added test to crypto/bn/bntest.c. - CVE-2014-3570 * SECURITY UPDATE: DTLS segmentation fault in dtls1_get_record - debian/patches/CVE-2014-3571.patch: fix crash in ssl/d1_pkt.c, ssl/s3_pkt.c. - CVE-2014-3571 * SECURITY UPDATE: ECDHE silently downgrades to ECDH [Client] - debian/patches/CVE-2014-3572.patch: don't skip server key exchange in ssl/s3_clnt.c. - CVE-2014-3572 * SECURITY UPDATE: certificate fingerprints can be modified - debian/patches/CVE-2014-8275.patch: fix various fingerprint issues in crypto/asn1/a_bitstr.c, crypto/asn1/a_type.c, crypto/asn1/a_verify.c, crypto/asn1/asn1.h, crypto/asn1/asn1_err.c, crypto/asn1/x_algor.c, crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, crypto/x509/x509.h, crypto/x509/x_all.c, util/libeay.num. - CVE-2014-8275 * SECURITY UPDATE: RSA silently downgrades to EXPORT_RSA [Client] - debian/patches/CVE-2015-0204.patch: only allow ephemeral RSA keys in export ciphersuites in ssl/d1_srvr.c, ssl/s3_clnt.c, ssl/s3_srvr.c, ssl/ssl.h, adjust documentation in doc/ssl/SSL_CTX_set_options.pod, doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod. - CVE-2015-0204
|
Marc Deslauriers |
0.9.8k-7ubuntu8.23 |
9 years ago
|
|
|
59
|
|
* SECURITY UPDATE: denial of service via session ticket integrity check memory leak - debian/patches/CVE-2014-3567.patch: perform cleanup in ssl/t1_lib.c. - CVE-2014-3567 * SECURITY UPDATE: fix the no-ssl3 build option - debian/patches/CVE-2014-3568.patch: fix conditional code in ssl/s23_clnt.c, ssl/s23_srvr.c. - CVE-2014-3568 * SECURITY IMPROVEMENT: Added TLS_FALLBACK_SCSV support to mitigate a protocol downgrade attack to SSLv3 that exposes the POODLE attack. - debian/patches/tls_fallback_scsv_support.patch: added support for TLS_FALLBACK_SCSV in apps/s_client.c, crypto/err/openssl.ec, ssl/d1_lib.c, ssl/dtls1.h, ssl/s23_clnt.c, ssl/s23_srvr.c, ssl/s2_lib.c, ssl/s3_enc.c, ssl/s3_lib.c, ssl/ssl.h, ssl/ssl3.h, ssl/ssl_err.c, ssl/ssl_lib.c, ssl/t1_enc.c, ssl/tls1.h, ssl/ssl_locl.h, doc/apps/s_client.pod, doc/ssl/SSL_CTX_set_mode.pod.
|
Marc Deslauriers |
0.9.8k-7ubuntu8.22 |
10 years ago
|
|
|
58
|
|
|
Marc Deslauriers |
0.9.8k-7ubuntu8.21 |
10 years ago
|
|
|
57
|
|
|
Marc Deslauriers |
0.9.8k-7ubuntu8.20 |
10 years ago
|
|
|
56
|
|
|
Marc Deslauriers |
0.9.8k-7ubuntu8.19 |
10 years ago
|
|
|
55
|
|
|
Marc Deslauriers |
0.9.8k-7ubuntu8.18 |
10 years ago
|
|
|
54
|
|
|
Seth Arnold |
0.9.8k-7ubuntu8.15 |
11 years ago
|
|
|
53
|
|
|
Marc Deslauriers |
0.9.8k-7ubuntu8.14 |
11 years ago
|
|
|
52
|
|
|
Steve Beattie |
0.9.8k-7ubuntu8.13 |
12 years ago
|
|
|
51
|
|
|
Jamie Strandboge |
0.9.8k-7ubuntu8.11 |
12 years ago
|
|
|
50
|
|
|
Jamie Strandboge |
0.9.8k-7ubuntu8.10 |
12 years ago
|
|
|
49
|
|
|
Steve Beattie |
0.9.8k-7ubuntu8.8 |
12 years ago
|
|
|
48
|
|
|
Steve Beattie |
0.9.8k-7ubuntu8.6 |
13 years ago
|
|
|
47
|
|
|
Steve Beattie |
0.9.8k-7ubuntu8.5 |
14 years ago
|
|
|
46
|
|
|
Steve Beattie |
0.9.8k-7ubuntu8.4 |
14 years ago
|
|
|
45
|
|
|
Marc Deslauriers |
0.9.8k-7ubuntu8.3 |
14 years ago
|
|
|
44
|
|
|
Marc Deslauriers |
0.9.8k-7ubuntu8.1 |
14 years ago
|
|
|
43
|
|
|
Marc Deslauriers |
0.9.8k-7ubuntu8 |
14 years ago
|
|
|
42
|
|
|
Marc Deslauriers |
0.9.8k-7ubuntu7 |
14 years ago
|
|
|