← Back to branch summary

~ubuntu-branches/ubuntu/precise/openssl/precise-security

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2015-06-11 07:35:48 UTC
  • Revision ID: package-import@ubuntu.com-20150611073548-zlwsnksyiynnm9g7
Tags: 1.0.1-4ubuntu5.31
* SECURITY IMPROVEMENT: reject dh keys smaller than 768 bits
  - debian/patches/reject_small_dh.patch: reject small dh keys in
    ssl/s3_clnt.c, ssl/ssl.h, ssl/ssl_err.c, update documentation in
    doc/ssl/SSL_CTX_set_tmp_dh_callback.pod, make s_server use 2048-bit
    dh in apps/s_server.c, clarify docs in doc/apps/dhparam.pod,
    switch defaut dh to 2048-bit in apps/dhparam.c, apps/gendh.c.
* SECURITY UPDATE: denial of service and possible code execution via
  invalid free in DTLS
  - debian/patches/CVE-2014-8176.patch: fix invalid free in ssl/d1_lib.c.
  - CVE-2014-8176
* SECURITY UPDATE: denial of service via malformed ECParameters
  - debian/patches/CVE-2015-1788.patch: improve logic in
    crypto/bn/bn_gf2m.c.
  - CVE-2015-1788
* SECURITY UPDATE: denial of service via out-of-bounds read in
  X509_cmp_time
  - debian/patches/CVE-2015-1789.patch: properly parse time format in
    crypto/x509/x509_vfy.c.
  - CVE-2015-1789
* SECURITY UPDATE: denial of service via missing EnvelopedContent
  - debian/patches/CVE-2015-1790.patch: handle NULL data_body in
    crypto/pkcs7/pk7_doit.c.
  - CVE-2015-1790
* SECURITY UPDATE: race condition in NewSessionTicket
  - debian/patches/CVE-2015-1791.patch: create a new session in
    ssl/s3_clnt.c, ssl/ssl.h, ssl/ssl_err.c, ssl/ssl_locl.h,
    ssl/ssl_sess.c.
  - debian/patches/CVE-2015-1791-2.patch: fix kerberos issue in
    ssl/ssl_sess.c.
  - debian/patches/CVE-2015-1791-3.patch: more ssl_session_dup fixes in
    ssl/ssl_sess.c.
  - CVE-2015-1791
* SECURITY UPDATE: CMS verify infinite loop with unknown hash function
  - debian/patches/CVE-2015-1792.patch: fix infinite loop in
    crypto/cms/cms_smime.c.
  - CVE-2015-1792
Filename Latest Rev Last Changed Committer Comment Size
..
.pc 11.1.6 14 years ago Bazaar Package Importer * Split all the patches into a separate files * St Diff
apps 1 19 years ago Bazaar Package Importer Import upstream version 0.9.7d Diff
bugs 1 19 years ago Bazaar Package Importer Import upstream version 0.9.7d Diff
certs 1 19 years ago Bazaar Package Importer Import upstream version 0.9.7d Diff
crypto 1 19 years ago Bazaar Package Importer Import upstream version 0.9.7d Diff
debian 2 19 years ago Bazaar Package Importer rename -pic.a libraries to _pic.a (closes: #250016 Diff
demos 1 19 years ago Bazaar Package Importer Import upstream version 0.9.7d Diff
doc 1 19 years ago Bazaar Package Importer Import upstream version 0.9.7d Diff
engines 1.1.2 18 years ago Bazaar Package Importer Import upstream version 0.9.8a Diff
include 1 19 years ago Bazaar Package Importer Import upstream version 0.9.7d Diff
MacOS 1 19 years ago Bazaar Package Importer Import upstream version 0.9.7d Diff
ms 1 19 years ago Bazaar Package Importer Import upstream version 0.9.7d Diff
Netware 1.1.2 18 years ago Bazaar Package Importer Import upstream version 0.9.8a Diff
os2 1 19 years ago Bazaar Package Importer Import upstream version 0.9.7d Diff
perl 1 19 years ago Bazaar Package Importer Import upstream version 0.9.7d Diff
shlib 1 19 years ago Bazaar Package Importer Import upstream version 0.9.7d Diff
ssl 1 19 years ago Bazaar Package Importer Import upstream version 0.9.7d Diff
test 1 19 years ago Bazaar Package Importer Import upstream version 0.9.7d Diff
times 1 19 years ago Bazaar Package Importer Import upstream version 0.9.7d Diff
tools 1 19 years ago Bazaar Package Importer Import upstream version 0.9.7d Diff
util 1 19 years ago Bazaar Package Importer Import upstream version 0.9.7d Diff
VMS 1 19 years ago Bazaar Package Importer Import upstream version 0.9.7d Diff
ACKNOWLEDGMENTS 1.1.11 13 years ago Bazaar Package Importer Import upstream version 1.0.0c 955 bytes Diff Download File
CHANGES 1.2.6 12 years ago Package Import Robot Import upstream version 1.0.1 419 KB Diff Download File
CHANGES.SSLeay 1.1.11 13 years ago Bazaar Package Importer Import upstream version 1.0.0c 41.7 KB Diff Download File
File config 64 12 years ago Colin Watson merge from Debian 1.0.1-2 27.7 KB Diff Download File
File Configure 91 9 years ago Package Import Robot * SECURITY IMPROVEMENT: remove cipher length limit 111 KB Diff Download File
e_os.h 1.2.6 12 years ago Package Import Robot Import upstream version 1.0.1 22.7 KB Diff Download File
e_os2.h 1.2.6 12 years ago Package Import Robot Import upstream version 1.0.1 10.1 KB Diff Download File
FAQ 1.2.6 12 years ago Package Import Robot Import upstream version 1.0.1 44.8 KB Diff Download File
INSTALL 1.1.11 13 years ago Bazaar Package Importer Import upstream version 1.0.0c 14.3 KB Diff Download File
install.com 1.2.2 12 years ago Package Import Robot Import upstream version 1.0.0e 3.6 KB Diff Download File
INSTALL.DJGPP 1.1.2 18 years ago Bazaar Package Importer Import upstream version 0.9.8a 2 KB Diff Download File
INSTALL.MacOS 1 19 years ago Bazaar Package Importer Import upstream version 0.9.7d 3.1 KB Diff Download File
INSTALL.NW 1.1.7 14 years ago Bazaar Package Importer Import upstream version 0.9.8k 18.4 KB Diff Download File
INSTALL.OS2 1 19 years ago Bazaar Package Importer Import upstream version 0.9.7d 744 bytes Diff Download File
INSTALL.VMS 1.2.2 12 years ago Package Import Robot Import upstream version 1.0.0e 10.7 KB Diff Download File
INSTALL.W32 1.1.11 13 years ago Bazaar Package Importer Import upstream version 1.0.0c 11.6 KB Diff Download File
INSTALL.W64 1.1.2 18 years ago Bazaar Package Importer Import upstream version 0.9.8a 2.1 KB Diff Download File
INSTALL.WCE 1.1.11 13 years ago Bazaar Package Importer Import upstream version 1.0.0c 3.1 KB Diff Download File
LICENSE 1.2.1 13 years ago Bazaar Package Importer Import upstream version 1.0.0d 6.1 KB Diff Download File
Makefile 64 12 years ago Colin Watson merge from Debian 1.0.1-2 23.9 KB Diff Download File
Makefile.bak 1.2.6 12 years ago Package Import Robot Import upstream version 1.0.1 23.9 KB Diff Download File
Makefile.org 64 12 years ago Colin Watson merge from Debian 1.0.1-2 23.5 KB Diff Download File
Makefile.shared 55 12 years ago Bazaar Package Importer * Resynchronise with Debian (LP: #675566). Remain 21.3 KB Diff Download File
File makevms.com 1.2.6 12 years ago Package Import Robot Import upstream version 1.0.1 38.8 KB Diff Download File
NEWS 1.2.6 12 years ago Package Import Robot Import upstream version 1.0.1 25.6 KB Diff Download File
openssl.doxy 1 19 years ago Bazaar Package Importer Import upstream version 0.9.7d 137 bytes Diff Download File
openssl.ld 82 11 years ago Package Import Robot * SECURITY UPDATE: "Lucky Thirteen" timing side-ch 102 KB Diff Download File
openssl.spec 1.2.6 12 years ago Package Import Robot Import upstream version 1.0.1 7.8 KB Diff Download File
PROBLEMS 1.1.11 13 years ago Bazaar Package Importer Import upstream version 1.0.0c 8 KB Diff Download File
README 1.2.6 12 years ago Package Import Robot Import upstream version 1.0.1 8.9 KB Diff Download File
README.ASN1 1 19 years ago Bazaar Package Importer Import upstream version 0.9.7d 7.5 KB Diff Download File
README.ENGINE 1 19 years ago Bazaar Package Importer Import upstream version 0.9.7d 15.7 KB Diff Download File