openssl 0.9.7e-3ubuntu0.2 source package in Ubuntu
Changelog
openssl (0.9.7e-3ubuntu0.2) hoary-security; urgency=low
* SECURITY UPDATE: Fix cryptographic weakness.
* ssl/s23_srvr.c:
- When using SSL_OP_MSIE_SSLV2_RSA_PADDING, do not disable the
protocol-version rollback check, so that a man-in-the-middle cannot
force a client and server to fall back to the insecure SSL 2.0 protocol.
- Problem discovered by Yutaka Oiwa.
* References:
CAN-2005-2969
http://www.openssl.org/news/secadv_20051011.txt
-- Martin Pitt <email address hidden> Thu, 13 Oct 2005 09:46:30 +0000
Upload details
- Uploaded by:
- Ubuntu Archive Auto-Sync
- Uploaded to:
- Hoary
- Original maintainer:
- Christoph Martin
- Architectures:
- any
- Section:
- utils
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| openssl_0.9.7e-3ubuntu0.2.dsc | 645 bytes | da714085cdf5e56814a5058bca594fd129c16fc416b6adb7dda80f14c2d0a12f |
| openssl_0.9.7e.orig.tar.gz | 2.9 MiB | 25121b5dbd2b830929519325e033086ce45861cff2d0000d928f48261b1e0b7c |
| openssl_0.9.7e-3ubuntu0.2.diff.gz | 28.2 KiB | dfb55762a2a4a17e206f0a1482d133eebd8af35baa351b5d54b7db39b2d63c53 |
No changes file available.
Binary packages built by this source
- libssl-dev: No summary available for libssl-dev in ubuntu hoary.
No description available for libssl-dev in ubuntu hoary.
- libssl0.9.7: No summary available for libssl0.9.7 in ubuntu hoary.
No description available for libssl0.9.7 in ubuntu hoary.
- openssl: No summary available for openssl in ubuntu hoary.
No description available for openssl in ubuntu hoary.
