Publishing details
Changelog
openssl (1.0.2f-2ubuntu1~ubuntu14.04.1~ppa1) trusty; urgency=medium
* No-change backport to trusty
openssl (1.0.2f-2ubuntu1) xenial; urgency=medium
* Merge with Debian, remaining changes.
- Disable SSLv3 without changing ABI:
+ debian/patches/no-sslv3.patch: Disable SSLv3 without using the
no-ssl3-method option
+ debian/rules: don't use no-ssl3-method, don't bump soname
+ debian/patches/engines-path.patch: don't bump soname
+ debian/patches/version-script.patch: don't bump soname
+ debian/patches/soname.patch: removed
+ debian/lib*: don't bump soname
- debian/control: don't enable rfc3779 and cms support for now as it
changes ABI.
- debian/libssl1.0.0.postinst:
+ Display a system restart required notification on libssl1.0.0
upgrade on servers.
+ Use a different priority for libssl1.0.0/restart-services depending
on whether a desktop, or server dist-upgrade is being performed.
- debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
in Debian).
- debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
rules}: Move runtime libraries to /lib, for the benefit of
wpasupplicant.
- debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
.pc.
- debian/rules:
+ Don't run 'make test' when cross-building.
+ Use host compiler when cross-building. Patch from Neil Williams.
+ Don't build for processors no longer supported: i586 (on i386)
+ Fix Makefile to properly clean up libs/ dirs in clean target.
+ Replace duplicate files in the doc directory with symlinks.
- debian/control: Mark Debian Vcs-* as XS-Debian-Vcs-*
- debian/rules: Enable optimized 64bit elliptic curve code contributed
by Google.
* debian/patches/CVE-2016-0701.patch: dropped, upstream.
openssl (1.0.2f-2) unstable; urgency=high
* New upstream version.
- Fixes CVE-2016-0701
- Not affected by CVE-2015-3197 because SSLv2 is disabled.
openssl (1.0.2e-1ubuntu2) xenial; urgency=medium
* SECURITY UPDATE: DH small subgroups issue
- debian/patches/CVE-2016-0701.patch: add a test for small subgroup
attacks in crypto/dh/dhtest.c, always generate DH keys for ephemeral
DH cipher suites in doc/ssl/SSL_CTX_set_tmp_dh_callback.pod,
ssl/s3_lib.c, ssl/s3_srvr.c, ssl/ssl.h, prevent small subgroup
attacks on DH/DHE in crypto/dh/dh.h, crypto/dh/dh_check.c.
- CVE-2016-0701
openssl (1.0.2e-1ubuntu1) xenial; urgency=medium
* Merge with Debian, remaining changes.
- Disable SSLv3 without changing ABI:
+ debian/patches/no-sslv3.patch: Disable SSLv3 without using the
no-ssl3-method option
+ debian/rules: don't use no-ssl3-method, don't bump soname
+ debian/patches/engines-path.patch: don't bump soname
+ debian/patches/version-script.patch: don't bump soname
+ debian/patches/soname.patch: removed
+ debian/lib*: don't bump soname
- debian/control: don't enable rfc3779 and cms support for now as it
changes ABI.
- debian/libssl1.0.0.postinst:
+ Display a system restart required notification on libssl1.0.0
upgrade on servers.
+ Use a different priority for libssl1.0.0/restart-services depending
on whether a desktop, or server dist-upgrade is being performed.
- debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
in Debian).
- debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
rules}: Move runtime libraries to /lib, for the benefit of
wpasupplicant.
- debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
.pc.
- debian/rules:
+ Don't run 'make test' when cross-building.
+ Use host compiler when cross-building. Patch from Neil Williams.
+ Don't build for processors no longer supported: i586 (on i386)
+ Fix Makefile to properly clean up libs/ dirs in clean target.
+ Replace duplicate files in the doc directory with symlinks.
- debian/control: Mark Debian Vcs-* as XS-Debian-Vcs-*
- debian/rules: Enable optimized 64bit elliptic curve code contributed
by Google.
openssl (1.0.2e-1) unstable; urgency=high
* New upstream release
- Fix CVE-2015-3193
- Fix CVE-2015-3194
- Fix CVE-2015-3195
- Fix CVE-2015-3196
* Remove all symlinks during clean
* Run make depend after configure
* Remove openssl_button.* from the doc package
openssl (1.0.2d-3) unstable; urgency=medium
* Upload to unstable
openssl (1.0.2d-2) experimental; urgency=medium
* Build with no-ssl3-method to remove all SSLv3 support. This results in
the functions SSLv3_method(), SSLv3_server_method() and
SSLv3_client_method() being removed from libssl. Change the soname as
result of that and also changes name of the binary package.
(Closes: #768476)
* Enable rfc3779 and cms support (Closes: #630790)
* Fix cross compilation for mips architectures. (Closes: #782492)
openssl (1.0.2d-1) unstable; urgency=high
* New upstream version
- Fixes CVE-2015-1793
openssl (1.0.2d-0ubuntu2) xenial; urgency=medium
* debian/patches/no-sslv3.patch: Disable SSLv3 without using the
no-ssl3-method option, as that changes ABI and we don't want to break
compatibility with third party applications and applications built for
older versions of Ubuntu, especially for an LTS release.
openssl (1.0.2d-0ubuntu1) wily; urgency=medium
* SECURITY UPDATE: alternative chains certificate forgery
- Updated to new upstream version
- CVE-2015-1793
openssl (1.0.2c-1ubuntu1) wily; urgency=medium
* Merge with Debian, remaining changes.
- debian/libssl1.0.0.postinst:
+ Display a system restart required notification on libssl1.0.0
upgrade on servers.
+ Use a different priority for libssl1.0.0/restart-services depending
on whether a desktop, or server dist-upgrade is being performed.
- debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
in Debian).
- debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
rules}: Move runtime libraries to /lib, for the benefit of
wpasupplicant.
- debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
.pc.
- debian/rules:
+ Don't run 'make test' when cross-building.
+ Use host compiler when cross-building. Patch from Neil Williams.
+ Don't build for processors no longer supported: i586 (on i386)
+ Fix Makefile to properly clean up libs/ dirs in clean target.
+ Replace duplicate files in the doc directory with symlinks.
- debian/control: Mark Debian Vcs-* as XS-Debian-Vcs-*
- debian/rules: Enable optimized 64bit elliptic curve code contributed
by Google.
openssl (1.0.2c-1) unstable; urgency=medium
* New upstream version
- Fixes ABI (Closes: #788511)
openssl (1.0.2b-1) unstable; urgency=high
* New upstream version
- Fix CVE-2015-4000
- Fix CVE-2015-1788
- Fix CVE-2015-1789
- Fix CVE-2015-1790
- Fix CVE-2015-1792
- Fix CVE-2015-1791
* Update c_rehash-compat.patch to make it apply to the new version.
* Remove openssl-pod-misspell.patch applied upstream
openssl (1.0.2a-1ubuntu1) wily; urgency=medium
* Merge with Debian, remaining changes.
- debian/libssl1.0.0.postinst:
+ Display a system restart required notification on libssl1.0.0
upgrade on servers.
+ Use a different priority for libssl1.0.0/restart-services depending
on whether a desktop, or server dist-upgrade is being performed.
- debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
in Debian).
- debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
rules}: Move runtime libraries to /lib, for the benefit of
wpasupplicant.
- debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
.pc.
- debian/rules:
+ Don't run 'make test' when cross-building.
+ Use host compiler when cross-building. Patch from Neil Williams.
+ Don't build for processors no longer supported: i586 (on i386)
+ Fix Makefile to properly clean up libs/ dirs in clean target.
+ Replace duplicate files in the doc directory with symlinks.
- debian/control: Mark Debian Vcs-* as XS-Debian-Vcs-*
- debian/rules: Enable optimized 64bit elliptic curve code contributed
by Google.
* Dropped patches included in new version:
- ppc64-support.patch, CVE-2014-0076.patch, CVE-2014-0160.patch,
CVE-2010-5298.patch, CVE-2014-0198.patch, CVE-2014-0195.patch,
CVE-2014-0221.patch, CVE-2014-0224-1.patch, CVE-2014-0224-2.patch,
CVE-2014-3470.patch, CVE-2014-0224-3.patch,
CVE-2014-0224-regression.patch, CVE-2014-0224-regression2.patch,
CVE-2014-3505.patch, CVE-2014-3506.patch, CVE-2014-3507.patch,
CVE-2014-3508.patch, CVE-2014-3509.patch, CVE-2014-3510.patch,
CVE-2014-3511.patch, CVE-2014-3512.patch, CVE-2014-5139.patch,
power8-optimisations.patch, tls_fallback_scsv_support.patch,
CVE-2014-3513.patch, CVE-2014-3567.patch, CVE-2014-3568.patch,
CVE-2014-3569.patch, CVE-2014-3570.patch, CVE-2014-3571-1.patch,
CVE-2014-3571-2.patch, CVE-2014-3572.patch, CVE-2014-8275.patch,
CVE-2015-0204.patch, CVE-2015-0205.patch, CVE-2015-0206.patch,
CVE-2015-0209.patch, CVE-2015-0286.patch, CVE-2015-0287.patch,
CVE-2015-0288.patch, CVE-2015-0289.patch, CVE-2015-0292.patch,
CVE-2015-0293.patch, CVE-2015-0209-2.patch, CVE-2015-0293-2.patch
openssl (1.0.2a-1) unstable; urgency=medium
* New upstrema version
- Fix CVE-2015-0286
- Fix CVE-2015-0287
- Fix CVE-2015-0289
- Fix CVE-2015-0293 (not affected, SSLv2 disabled)
- Fix CVE-2015-0209
- Fix CVE-2015-0288
- Fix CVE-2015-0291
- Fix CVE-2015-0290
- Fix CVE-2015-0207
- Fix CVE-2015-0208
- Fix CVE-2015-1787
- Fix CVE-2015-0285
* Temporary enable SSLv3 methods again, but they will go away.
* Don't set TERMIO anymore, use the default TERMIOS instead.
openssl (1.0.2-1) experimental; urgency=medium
* New upstream release
- Fixes CVE-2014-3571
- Fixes CVE-2015-0206
- Fixes CVE-2014-3569
- Fixes CVE-2014-3572
- Fixes CVE-2015-0204
- Fixes CVE-2015-0205
- Fixes CVE-2014-8275
- Fixes CVE-2014-3570
- Drop git_snapshot.patch
* Drop gnu_source.patch, dgst_hmac.patch, stddef.patch,
no_ssl3_method.patch: applied upstream
* Update patches to apply
openssl (1.0.2~beta3-1) experimental; urgency=low
* New usptream beta version
* Add git snapshot
* Merge changes between 1.0.1h-3 and 1.0.1j-1:
- Disables SSLv3 because of CVE-2014-3566
* Drop patch rehash-crt.patch: partially applied upstream.
c_rehash now doesn't support files in DER format anymore.
* Drop patch rehash_pod.patch: applied upstream
* Update c_rehash-compat.patch to apply to new upstream version. This
undoes upstream's "-old" option and creates both the new and old again.
It now also does it for CRLs.
* Drop defaults.patch, applied upstream
* dgst_hmac.patch updated to apply to upstream version.
* engines-path.patch updated to apply to upstream version.
* Update list of exported symbols
* Update symbols files to require beta3
* Enable unit tests
* Add patch to add support for the no-ssl3-method option that completly
disable SSLv3 and pass the option. This drops the following functions
from the library: SSLv3_method, SSLv3_server_method and
SSLv3_client_method
* Build using OPENSSL_NO_BUF_FREELISTS
openssl (1.0.2~beta2-1) experimental; urgency=medium
* New usptream beta version
- Fix CVE-2014-0224
- Fix CVE-2014-0221
- Fix CVE-2014-0195
- Fix CVE-2014-3470
- Fix CVE-2014-0198
- Fix CVE-2010-5298
- Fix CVE-2014-0160
- Fix CVE-2014-0076
* Merge changes between 1.0.1f-1 and 1.0.1h-3:
- postinst: Updated check for restarting services
* libdoc-manpgs-pod-spell.patch and openssl-pod-misspell.patch
partially applied upstream
* Drop fix-pod-errors.patch, applied upstream.
* Add support for ppc64le (Closes: #745657)
* Add support for OpenRISC (Closes: #736772)
openssl (1.0.2~beta1-1) experimental; urgency=medium
* New upstream beta version
- Update list of symbols that should be exported and adjust the symbols
file. This also removes a bunch of duplicate symbols in the linker
file.
- Fix additional pod errors
- Following patches have been applied upstream and are removed:
libssl-misspell.patch, pod_req_misspell2.patch,
pod_pksc12.misspell.patch, pod_s_server.misspell.patch,
pod_x509setflags.misspell.patch, pod_ec.misspell.patch,
pkcs12-doc.patch, req_bits.patch
- Following patches have been partially applied upstream:
libdoc-manpgs-pod-spell.patch, openssl-pod-misspell.patch
- Remove openssl_fix_for_x32.patch, different patch applied upstream.
* Add support for cross compiling (Closes: #465248)
openssl (1.0.1f-1ubuntu11) vivid; urgency=medium
* SECURITY UPDATE: denial of service and possible memory corruption via
malformed EC private key
- debian/patches/CVE-2015-0209.patch: fix use after free in
crypto/ec/ec_asn1.c.
- debian/patches/CVE-2015-0209-2.patch: fix a failure to NULL a pointer
freed on error in crypto/asn1/x_x509.c, crypto/ec/ec_asn1.c.
- CVE-2015-0209
* SECURITY UPDATE: denial of service via cert verification
- debian/patches/CVE-2015-0286.patch: handle boolean types in
crypto/asn1/a_type.c.
- CVE-2015-0286
* SECURITY UPDATE: ASN.1 structure reuse memory corruption
- debian/patches/CVE-2015-0287.patch: free up structures in
crypto/asn1/tasn_dec.c.
- CVE-2015-0287
* SECURITY UPDATE: denial of service via invalid certificate key
- debian/patches/CVE-2015-0288.patch: check public key isn't NULL in
crypto/x509/x509_req.c.
- CVE-2015-0288
* SECURITY UPDATE: denial of service and possible code execution via
PKCS#7 parsing
- debian/patches/CVE-2015-0289.patch: handle missing content in
crypto/pkcs7/pk7_doit.c, crypto/pkcs7/pk7_lib.c.
- CVE-2015-0289
* SECURITY UPDATE: denial of service or memory corruption via base64
decoding
- debian/patches/CVE-2015-0292.patch: prevent underflow in
crypto/evp/encode.c.
- CVE-2015-0292
* SECURITY UPDATE: denial of service via assert in SSLv2 servers
- debian/patches/CVE-2015-0293.patch: check key lengths in
ssl/s2_lib.c, ssl/s2_srvr.c.
- debian/patches/CVE-2015-0293-2.patch: fix unsigned/signed warnings in
ssl/s2_srvr.c.
- CVE-2015-0293
openssl (1.0.1f-1ubuntu10) vivid; urgency=medium
* SECURITY UPDATE: denial of service via unexpected handshake when
no-ssl3 build option is used (not the default)
- debian/patches/CVE-2014-3569.patch: keep the old method for now in
ssl/s23_srvr.c.
- CVE-2014-3569
* SECURITY UPDATE: bignum squaring may produce incorrect results
- debian/patches/CVE-2014-3570.patch: fix bignum logic in
crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c,
crypto/bn/bn_asm.c, removed crypto/bn/asm/mips3.s, added test to
crypto/bn/bntest.c.
- CVE-2014-3570
* SECURITY UPDATE: DTLS segmentation fault in dtls1_get_record
- debian/patches/CVE-2014-3571-1.patch: fix crash in ssl/d1_pkt.c,
ssl/s3_pkt.c.
- debian/patches/CVE-2014-3571-2.patch: make code more obvious in
ssl/d1_pkt.c.
- CVE-2014-3571
* SECURITY UPDATE: ECDHE silently downgrades to ECDH [Client]
- debian/patches/CVE-2014-3572.patch: don't skip server key exchange in
ssl/s3_clnt.c.
- CVE-2014-3572
* SECURITY UPDATE: certificate fingerprints can be modified
- debian/patches/CVE-2014-8275.patch: fix various fingerprint issues in
crypto/asn1/a_bitstr.c, crypto/asn1/a_type.c, crypto/asn1/a_verify.c,
crypto/asn1/asn1.h, crypto/asn1/asn1_err.c, crypto/asn1/x_algor.c,
crypto/dsa/dsa_asn1.c, crypto/ecdsa/ecs_vrf.c, crypto/x509/x509.h,
crypto/x509/x_all.c.
- CVE-2014-8275
* SECURITY UPDATE: RSA silently downgrades to EXPORT_RSA [Client]
- debian/patches/CVE-2015-0204.patch: only allow ephemeral RSA keys in
export ciphersuites in ssl/d1_srvr.c, ssl/s3_clnt.c, ssl/s3_srvr.c,
ssl/ssl.h, adjust documentation in doc/ssl/SSL_CTX_set_options.pod,
doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod.
- CVE-2015-0204
* SECURITY UPDATE: DH client certificates accepted without verification
- debian/patches/CVE-2015-0205.patch: prevent use of DH client
certificates without sending certificate verify message in
ssl/s3_srvr.c.
- CVE-2015-0205
* SECURITY UPDATE: DTLS memory leak in dtls1_buffer_record
- debian/patches/CVE-2015-0206.patch: properly handle failures in
ssl/d1_pkt.c.
- CVE-2015-0206
openssl (1.0.1f-1ubuntu9) utopic; urgency=medium
* SECURITY UPDATE: denial of service via DTLS SRTP memory leak
- debian/patches/CVE-2014-3513.patch: fix logic in ssl/d1_srtp.c,
ssl/srtp.h, ssl/t1_lib.c, util/mk1mf.pl, util/mkdef.pl,
util/ssleay.num.
- CVE-2014-3513
* SECURITY UPDATE: denial of service via session ticket integrity check
memory leak
- debian/patches/CVE-2014-3567.patch: perform cleanup in ssl/t1_lib.c.
- CVE-2014-3567
* SECURITY UPDATE: fix the no-ssl3 build option
- debian/patches/CVE-2014-3568.patch: fix conditional code in
ssl/s23_clnt.c, ssl/s23_srvr.c.
- CVE-2014-3568
* SECURITY IMPROVEMENT: Added TLS_FALLBACK_SCSV support to mitigate a
protocol downgrade attack to SSLv3 that exposes the POODLE attack.
- debian/patches/tls_fallback_scsv_support.patch: added support for
TLS_FALLBACK_SCSV in apps/s_client.c, crypto/err/openssl.ec,
ssl/d1_lib.c, ssl/dtls1.h, ssl/s23_clnt.c, ssl/s23_srvr.c,
ssl/s2_lib.c, ssl/s3_enc.c, ssl/s3_lib.c, ssl/ssl.h, ssl/ssl3.h,
ssl/ssl_err.c, ssl/ssl_lib.c, ssl/t1_enc.c, ssl/tls1.h,
doc/apps/s_client.pod, doc/ssl/SSL_CTX_set_mode.pod.
openssl (1.0.1f-1ubuntu8) utopic; urgency=medium
* Backport collected POWER8 optimisations from upstream (LP: #1290579).
openssl (1.0.1f-1ubuntu7) utopic; urgency=medium
* SECURITY UPDATE: double free when processing DTLS packets
- debian/patches/CVE-2014-3505.patch: fix double free in ssl/d1_both.c.
- CVE-2014-3505
* SECURITY UPDATE: DTLS memory exhaustion
- debian/patches/CVE-2014-3506.patch: fix DTLS handshake message size
checks in ssl/d1_both.c.
- CVE-2014-3506
* SECURITY UPDATE: DTLS memory leak from zero-length fragments
- debian/patches/CVE-2014-3507.patch: fix memory leak and return codes
in ssl/d1_both.c.
- CVE-2014-3507
* SECURITY UPDATE: information leak in pretty printing functions
- debian/patches/CVE-2014-3508.patch: fix OID handling in
crypto/asn1/a_object.c, crypto/objects/obj_dat.c.
- CVE-2014-3508
* SECURITY UPDATE: race condition in ssl_parse_serverhello_tlsext
- debian/patches/CVE-2014-3509.patch: fix race in ssl/t1_lib.c.
- CVE-2014-3509
* SECURITY UPDATE: DTLS anonymous EC(DH) denial of service
- debian/patches/CVE-2014-3510.patch: check for server certs in
ssl/d1_clnt.c, ssl/s3_clnt.c.
- CVE-2014-3510
* SECURITY UPDATE: TLS protocol downgrade attack
- debian/patches/CVE-2014-3511.patch: properly handle fragments in
ssl/s23_srvr.c.
- CVE-2014-3511
* SECURITY UPDATE: SRP buffer overrun
- debian/patches/CVE-2014-3512.patch: check parameters in
crypto/srp/srp_lib.c.
- CVE-2014-3512
* SECURITY UPDATE: crash with SRP ciphersuite in Server Hello message
- debian/patches/CVE-2014-5139.patch: fix SRP authentication and make
sure ciphersuite is set up correctly in ssl/s3_clnt.c, ssl/ssl_lib.c,
ssl/s3_lib.c, ssl/ssl.h, ssl/ssl_ciph.c, ssl/ssl_locl.h.
- CVE-2014-5139
openssl (1.0.1f-1ubuntu6) utopic; urgency=medium
* SECURITY UPDATE: regression with certain renegotiations (LP: #1332643)
- debian/patches/CVE-2014-0224-regression2.patch: accept CCS after
sending finished ssl/s3_clnt.c.
openssl (1.0.1f-1ubuntu5) utopic; urgency=medium
* SECURITY UPDATE: regression with tls_session_secret_cb (LP: #1329297)
- debian/patches/CVE-2014-0224.patch: set the CCS_OK flag when using
tls_session_secret_cb for session resumption in ssl/s3_clnt.c.
openssl (1.0.1f-1ubuntu4) utopic; urgency=medium
* SECURITY UPDATE: arbitrary code execution via DTLS invalid fragment
- debian/patches/CVE-2014-0195.patch: add consistency check for DTLS
fragments in ssl/d1_both.c.
- CVE-2014-0195
* SECURITY UPDATE: denial of service via DTLS recursion flaw
- debian/patches/CVE-2014-0221.patch: handle DTLS hello request without
recursion in ssl/d1_both.c.
- CVE-2014-0221
* SECURITY UPDATE: MITM via change cipher spec
- debian/patches/CVE-2014-0224-1.patch: only accept change cipher spec
when it is expected in ssl/s3_clnt.c, ssl/s3_pkt.c, ssl/s3_srvr.c,
ssl/ssl3.h.
- debian/patches/CVE-2014-0224-2.patch: don't accept zero length master
secrets in ssl/s3_pkt.c.
- debian/patches/CVE-2014-0224-3.patch: allow CCS after resumption in
ssl/s3_clnt.c.
- CVE-2014-0224
* SECURITY UPDATE: denial of service via ECDH null session cert
- debian/patches/CVE-2014-3470.patch: check session_cert is not NULL
before dereferencing it in ssl/s3_clnt.c.
- CVE-2014-3470
openssl (1.0.1f-1ubuntu3) utopic; urgency=medium
* SECURITY UPDATE: denial of service via use after free
- debian/patches/CVE-2010-5298.patch: check s->s3->rbuf.left before
releasing buffers in ssl/s3_pkt.c.
- CVE-2010-5298
* SECURITY UPDATE: denial of service via null pointer dereference
- debian/patches/CVE-2014-0198.patch: if buffer was released, get a new
one in ssl/s3_pkt.c.
- CVE-2014-0198
-- Wes Mason (1stvamp) <wes@1stvamp.org> Thu, 04 Feb 2016 19:13:16 +0000
Builds
Built packages
-
libcrypto1.0.0-udeb
Secure Sockets Layer toolkit - libcrypto udeb
-
libssl-dev
Secure Sockets Layer toolkit - development files
-
libssl-doc
Secure Sockets Layer toolkit - development documentation
-
libssl1.0.0
Secure Sockets Layer toolkit - shared libraries
-
libssl1.0.0-dbg
Secure Sockets Layer toolkit - debug information
-
libssl1.0.0-udeb
ssl shared library - udeb
-
openssl
Secure Sockets Layer toolkit - cryptographic utility
Package files