Viewing all changes in revision 95.
- Committer: Package Import Robot
- Date: 2014-01-08 14:55:58 UTC
- Revision ID: package-import@ubuntu.com-20140108145558-5j5cn13rw8186jvl
* SECURITY UPDATE: denial of service via invalid TLS handshake
- debian/patches/CVE-2013-4353.patch: handle no new cipher setup in
ssl/s3_both.c.
- CVE-2013-4353
* SECURITY UPDATE: denial of service via incorrect data structure
- debian/patches/CVE-2013-6449.patch: check for handshake digests in
ssl/s3_both.c,ssl/s3_pkt.c,ssl/t1_enc.c, use proper version in
ssl/s3_lib.c.
- CVE-2013-6449
* SECURITY UPDATE: denial of service via DTLS retransmission
- debian/patches/CVE-2013-6450.patch: fix DTLS retransmission in
crypto/evp/digest.c,ssl/d1_both.c,ssl/s3_pkt.c,ssl/s3_srvr.c,
ssl/ssl_locl.h,ssl/t1_enc.c.
- CVE-2013-6450
* debian/patches/no_default_rdrand.patch: Don't use rdrand engine as
default unless explicitly requested.
- debian/patches/CVE-2013-4353.patch: handle no new cipher setup in
ssl/s3_both.c.
- CVE-2013-4353
* SECURITY UPDATE: denial of service via incorrect data structure
- debian/patches/CVE-2013-6449.patch: check for handshake digests in
ssl/s3_both.c,ssl/s3_pkt.c,ssl/t1_enc.c, use proper version in
ssl/s3_lib.c.
- CVE-2013-6449
* SECURITY UPDATE: denial of service via DTLS retransmission
- debian/patches/CVE-2013-6450.patch: fix DTLS retransmission in
crypto/evp/digest.c,ssl/d1_both.c,ssl/s3_pkt.c,ssl/s3_srvr.c,
ssl/ssl_locl.h,ssl/t1_enc.c.
- CVE-2013-6450
* debian/patches/no_default_rdrand.patch: Don't use rdrand engine as
default unless explicitly requested.
- files added:
- .pc/CVE-2013-4353.patch
- .pc/CVE-2013-4353.patch/ssl
- .pc/CVE-2013-6449.patch
- .pc/CVE-2013-6449.patch/ssl
- .pc/CVE-2013-6450.patch
- .pc/CVE-2013-6450.patch/crypto
- .pc/CVE-2013-6450.patch/crypto/evp
- .pc/CVE-2013-6450.patch/ssl
- .pc/no_default_rdrand.patch
- .pc/no_default_rdrand.patch/crypto
- .pc/no_default_rdrand.patch/crypto/engine
- files modified:
- .pc/applied-patches
expand all
collapse all
added
removed
