openssl 1.0.2d-0ubuntu1.4 source package in Ubuntu

Changelog

openssl (1.0.2d-0ubuntu1.4) wily-security; urgency=medium

  * SECURITY UPDATE: side channel attack on modular exponentiation
    - debian/patches/CVE-2016-0702.patch: use constant-time calculations in
      crypto/bn/asm/rsaz-avx2.pl, crypto/bn/asm/rsaz-x86_64.pl,
      crypto/bn/asm/x86_64-mont.pl, crypto/bn/asm/x86_64-mont5.pl,
      crypto/bn/bn_exp.c.
    - CVE-2016-0702
  * SECURITY UPDATE: double-free in DSA code
    - debian/patches/CVE-2016-0705.patch: fix double-free in
      crypto/dsa/dsa_ameth.c.
    - CVE-2016-0705
  * SECURITY UPDATE: BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption
    - debian/patches/CVE-2016-0797.patch: prevent overflow in
      crypto/bn/bn_print.c, crypto/bn/bn.h.
    - CVE-2016-0797
  * SECURITY UPDATE: memory leak in SRP database lookups
    - debian/patches/CVE-2016-0798.patch: disable SRP fake user seed and
      introduce new SRP_VBASE_get1_by_user function that handled seed
      properly in apps/s_server.c, crypto/srp/srp.h, crypto/srp/srp_vfy.c,
      util/libeay.num, openssl.ld.
    - CVE-2016-0798
  * SECURITY UPDATE: memory issues in BIO_*printf functions
    - debian/patches/CVE-2016-0799.patch: prevent overflow in
      crypto/bio/b_print.c.
    - CVE-2016-0799

 -- Marc Deslauriers <email address hidden>  Mon, 29 Feb 2016 07:43:21 -0500

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Wily
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
utils
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
openssl_1.0.2d.orig.tar.gz 5.1 MiB 671c36487785628a703374c652ad2cebea45fa920ae5681515df25d9f2c9a8c8
openssl_1.0.2d-0ubuntu1.4.debian.tar.xz 109.8 KiB 45bcb9236c143b87f63d53d96a7fa152024a92e3450d444f8fa63091ce1131a2
openssl_1.0.2d-0ubuntu1.4.dsc 2.4 KiB beecac4192b6fcee75dbf4b697cb974cbb07ce3105d3cb505d438ce75d8eb14f

View changes file

Binary packages built by this source

libcrypto1.0.0-udeb: No summary available for libcrypto1.0.0-udeb in ubuntu wily.

No description available for libcrypto1.0.0-udeb in ubuntu wily.

libcrypto1.0.0-udeb-dbgsym: No summary available for libcrypto1.0.0-udeb-dbgsym in ubuntu wily.

No description available for libcrypto1.0.0-udeb-dbgsym in ubuntu wily.

libssl-dev: No summary available for libssl-dev in ubuntu wily.

No description available for libssl-dev in ubuntu wily.

libssl-dev-dbgsym: No summary available for libssl-dev-dbgsym in ubuntu wily.

No description available for libssl-dev-dbgsym in ubuntu wily.

libssl-doc: No summary available for libssl-doc in ubuntu wily.

No description available for libssl-doc in ubuntu wily.

libssl1.0.0: No summary available for libssl1.0.0 in ubuntu wily.

No description available for libssl1.0.0 in ubuntu wily.

libssl1.0.0-dbg: No summary available for libssl1.0.0-dbg in ubuntu wily.

No description available for libssl1.0.0-dbg in ubuntu wily.

libssl1.0.0-dbgsym: No summary available for libssl1.0.0-dbgsym in ubuntu wily.

No description available for libssl1.0.0-dbgsym in ubuntu wily.

libssl1.0.0-udeb: No summary available for libssl1.0.0-udeb in ubuntu wily.

No description available for libssl1.0.0-udeb in ubuntu wily.

libssl1.0.0-udeb-dbgsym: No summary available for libssl1.0.0-udeb-dbgsym in ubuntu wily.

No description available for libssl1.0.0-udeb-dbgsym in ubuntu wily.

openssl: No summary available for openssl in ubuntu wily.

No description available for openssl in ubuntu wily.

openssl-dbgsym: No summary available for openssl-dbgsym in ubuntu wily.

No description available for openssl-dbgsym in ubuntu wily.