Viewing all changes in revision 59.
- Committer: Package Import Robot
- Date: 2014-10-15 13:17:00 UTC
- Revision ID: package-import@ubuntu.com-20141015131700-qmrj1d7x8lvgraqa
* SECURITY UPDATE: denial of service via session ticket integrity check
memory leak
- debian/patches/CVE-2014-3567.patch: perform cleanup in ssl/t1_lib.c.
- CVE-2014-3567
* SECURITY UPDATE: fix the no-ssl3 build option
- debian/patches/CVE-2014-3568.patch: fix conditional code in
ssl/s23_clnt.c, ssl/s23_srvr.c.
- CVE-2014-3568
* SECURITY IMPROVEMENT: Added TLS_FALLBACK_SCSV support to mitigate a
protocol downgrade attack to SSLv3 that exposes the POODLE attack.
- debian/patches/tls_fallback_scsv_support.patch: added support for
TLS_FALLBACK_SCSV in apps/s_client.c, crypto/err/openssl.ec,
ssl/d1_lib.c, ssl/dtls1.h, ssl/s23_clnt.c, ssl/s23_srvr.c,
ssl/s2_lib.c, ssl/s3_enc.c, ssl/s3_lib.c, ssl/ssl.h, ssl/ssl3.h,
ssl/ssl_err.c, ssl/ssl_lib.c, ssl/t1_enc.c, ssl/tls1.h,
ssl/ssl_locl.h, doc/apps/s_client.pod, doc/ssl/SSL_CTX_set_mode.pod.
memory leak
- debian/patches/CVE-2014-3567.patch: perform cleanup in ssl/t1_lib.c.
- CVE-2014-3567
* SECURITY UPDATE: fix the no-ssl3 build option
- debian/patches/CVE-2014-3568.patch: fix conditional code in
ssl/s23_clnt.c, ssl/s23_srvr.c.
- CVE-2014-3568
* SECURITY IMPROVEMENT: Added TLS_FALLBACK_SCSV support to mitigate a
protocol downgrade attack to SSLv3 that exposes the POODLE attack.
- debian/patches/tls_fallback_scsv_support.patch: added support for
TLS_FALLBACK_SCSV in apps/s_client.c, crypto/err/openssl.ec,
ssl/d1_lib.c, ssl/dtls1.h, ssl/s23_clnt.c, ssl/s23_srvr.c,
ssl/s2_lib.c, ssl/s3_enc.c, ssl/s3_lib.c, ssl/ssl.h, ssl/ssl3.h,
ssl/ssl_err.c, ssl/ssl_lib.c, ssl/t1_enc.c, ssl/tls1.h,
ssl/ssl_locl.h, doc/apps/s_client.pod, doc/ssl/SSL_CTX_set_mode.pod.
expand all
collapse all
added
removed
