~ubuntu-branches/ubuntu/utopic/openssl/utopic

Viewing all changes in revision 102.

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2014-04-07 15:37:53 UTC
  • Revision ID: package-import@ubuntu.com-20140407153753-or3s6s6cmebt6fy2
Tags: 1.0.1f-1ubuntu2
* SECURITY UPDATE: side-channel attack on Montgomery ladder implementation
  - debian/patches/CVE-2014-0076.patch: add and use constant time swap in
    crypto/bn/bn.h, crypto/bn/bn_lib.c, crypto/ec/ec2_mult.c,
    util/libeay.num.
  - CVE-2014-0076
* SECURITY UPDATE: memory disclosure in TLS heartbeat extension
  - debian/patches/CVE-2014-0160.patch: use correct lengths in
    ssl/d1_both.c, ssl/t1_lib.c.
  - CVE-2014-0160

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: