~ubuntu-branches/ubuntu/lucid/openssl/lucid-security

Viewing all changes in revision 48.

  • Committer: Bazaar Package Importer
  • Author(s): Steve Beattie, Steve Henson
  • Date: 2011-02-09 16:47:44 UTC
  • Revision ID: james.westby@ubuntu.com-20110209164744-al408f4rnr42m62v
Tags: 0.9.8k-7ubuntu8.6
* SECURITY UPDATE: OCSP stapling vulnerability
  - debian/patched/openssl-CVE-2011-0014-secadv_20110208.patch:
    stricter parsing of ClientHello message in ssl/t1_lib.c
  - CVE-2011-0014
* Forward TLS version interop patch
  - debian/patches/openssl-forward-interop.patch
  - Handle TLS versions 2.0 and later properly and correctly use
    the highest version of TLS/SSL supported. Although TLS >=
    2.0 is some way off ancient servers have a habit of sticking
    around for a while...
    [Steve Henson]

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: