Ubuntu
openssl package

Branches for Karmic

Name Status Last Modified Last Commit
lp://staging/ubuntu/karmic/openssl 2 Mature 2009-12-02 16:49:00 UTC
33. * SECURITY UPDATE: certificate spoofi...

Author: Marc Deslauriers
Revision Date: 2009-09-08 14:59:05 UTC

* SECURITY UPDATE: certificate spoofing via hash collisions from MD2
  design flaws.
  - crypto/evp/c_alld.c, ssl/ssl_algs.c: disable MD2 digest.
  - crypto/x509/x509_vfy.c: skip signature check for self signed
    certificates
  - http://marc.info/?l=openssl-cvs&m=124508133203041&w=2
  - http://marc.info/?l=openssl-cvs&m=124704528713852&w=2
  - CVE-2009-2409
lp://staging/ubuntu/karmic-proposed/openssl bug 2 Mature 2010-08-18 22:43:02 UTC
35. * SECURITY UPDATE: TLS renegotiation ...

Author: Marc Deslauriers
Revision Date: 2010-08-12 08:32:19 UTC

* SECURITY UPDATE: TLS renegotiation flaw (LP: #616759)
  - apps/{s_cb,s_client,s_server}.c, doc/ssl/SSL_CTX_set_options.pod,
    ssl/{d1_both,d1_clnt,d1_srvr,s3_both,s3_clnt,s3_pkt,s3_srvr,ssl_err,
    ssl_lib,t1_lib,t1_reneg}.c, ssl/Makefile, ssl/{ssl3,ssl,ssl_locl,
    tls1}.h: backport rfc5746 support from openssl 0.9.8m.
  - CVE-2009-3555
lp://staging/ubuntu/karmic-security/openssl bug 2 Mature 2010-12-03 12:40:41 UTC
38. * SECURITY UPDATE: ciphersuite downgr...

Author: Steve Beattie
Revision Date: 2010-12-03 12:40:41 UTC

* SECURITY UPDATE: ciphersuite downgrade vulnerability
  - ssl/s3_clnt.c, ssl/s3_srvr.c: disable workaround for Netscape
    cipher suite bug
  - http://openssl.org/news/secadv_20101202.txt
  - CVE-2010-4180
lp://staging/ubuntu/karmic-updates/openssl bug 2 Mature 2011-01-19 01:14:27 UTC
38. * SECURITY UPDATE: ciphersuite downgr...

Author: Steve Beattie
Revision Date: 2010-12-03 12:40:41 UTC

* SECURITY UPDATE: ciphersuite downgrade vulnerability
  - ssl/s3_clnt.c, ssl/s3_srvr.c: disable workaround for Netscape
    cipher suite bug
  - http://openssl.org/news/secadv_20101202.txt
  - CVE-2010-4180
14 of 4 results FirstPreviousNextLast