lp://staging/ubuntu/hoary-security/openssl
- Get this branch:
- bzr branch lp://staging/ubuntu/hoary-security/openssl
Branch merges
Branch information
Recent revisions
- 7. By Martin Pitt
-
* SECURITY UPDATE: Previous update did not completely fix CVE-2006-2940.
* crypto/rsa/rsa_ eay.c: Apply max. modulus bits checking to
RSA_eay_public_ decrypt( ) instead of RSA_eay_ private_ encrypt( ). Thanks to
Mark J. Cox for noticing!
* crypto/dh/dh_key.c: Fix return value to prevent free'ing an uninit'ed
pointer. - 6. By Martin Pitt
-
* SECURITY UPDATE: Remote arbitrary code execution, remote DoS.
* crypto/asn1/tasn_ dec.c, asn1_d2i_ ex_primitive( ): Initialize 'ret' to avoid
an infinite loop in some circumstances. [CVE-2006-2937]
* ssl/ssl_lib.c, SSL_get_shared_ ciphers( ): Fix len comparison to correctly
handle invalid long cipher list strings. [CVE-2006-3738]
* ssl/s2_clnt.c, get_server_hello(): Check for NULL session certificate to
avoid client crash with malicious server responses. [CVE-2006-4343]
* Certain types of public key could take disproportionate amounts of time to
process. Apply patch from Bodo Moeller to impose limits to public key type
values (similar to Mozilla's libnss). Fixes CPU usage/memory DoS. [CVE-2006-2940]
* Updated patch in previous package version to fix a few corner-case
regressions. (This reverts the changes to rsa_eay.c/rsa.h/ rsa_err. c, which
were determined to not be necessary). - 5. By Martin Pitt
-
* SECURITY UPDATE: signature forgery in some cases.
* Apply http://www.openssl. org/news/ patch-CVE- 2006-4339. txt:
- Check excessive data in padding of PKCS #1 v1.5 signatures to prevent
applications from incorrectly verifying the certificate.
* References:
CVE-2006-4339
http://www.openssl. org/news/ secadv_ 20060905. txt - 4. By Martin Pitt
-
* SECURITY UPDATE: Fix cryptographic weakness.
* ssl/s23_srvr.c:
- When using SSL_OP_MSIE_SSLV2_ RSA_PADDING, do not disable the
protocol-version rollback check, so that a man-in-the-middle cannot
force a client and server to fall back to the insecure SSL 2.0 protocol.
- Problem discovered by Yutaka Oiwa.
* References:
CAN-2005-2969
http://www.openssl. org/news/ secadv_ 20051011. txt - 3. By Christoph Martin <email address hidden>
-
* really fix der_chop. The fix from -1 was not really included (closes:
#281212)
* still fixes security problem CAN-2004-0975 etc.
- tempfile raise condition in der_chop
- Avoid a race condition when CRLs are checked in a multi threaded
environment.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp://staging/ubuntu/lucid/openssl