[ubuntu/focal-proposed] openssl 1.1.1f-1ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Tue Apr 21 14:13:48 UTC 2020


openssl (1.1.1f-1ubuntu2) focal; urgency=medium

  * SECURITY UPDATE: Segmentation fault in SSL_check_chain
    - debian/patches/CVE-2020-1967-1.patch: add test for CVE-2020-1967 in
      test/recipes/70-test_sslsigalgs.t.
    - debian/patches/CVE-2020-1967-2.patch: fix NULL dereference in
      SSL_check_chain() for TLS 1.3 in ssl/t1_lib.c.
    - debian/patches/CVE-2020-1967-3.patch: fix test in
      test/recipes/70-test_sslsigalgs.t.
    - debian/patches/CVE-2020-1967-4.patch: fix test in
      test/recipes/70-test_sslsigalgs.t.
    - CVE-2020-1967

Date: Mon, 20 Apr 2020 07:53:50 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/openssl/1.1.1f-1ubuntu2
-------------- next part --------------
Format: 1.8
Date: Mon, 20 Apr 2020 07:53:50 -0400
Source: openssl
Architecture: source
Version: 1.1.1f-1ubuntu2
Distribution: focal
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 openssl (1.1.1f-1ubuntu2) focal; urgency=medium
 .
   * SECURITY UPDATE: Segmentation fault in SSL_check_chain
     - debian/patches/CVE-2020-1967-1.patch: add test for CVE-2020-1967 in
       test/recipes/70-test_sslsigalgs.t.
     - debian/patches/CVE-2020-1967-2.patch: fix NULL dereference in
       SSL_check_chain() for TLS 1.3 in ssl/t1_lib.c.
     - debian/patches/CVE-2020-1967-3.patch: fix test in
       test/recipes/70-test_sslsigalgs.t.
     - debian/patches/CVE-2020-1967-4.patch: fix test in
       test/recipes/70-test_sslsigalgs.t.
     - CVE-2020-1967
Checksums-Sha1:
 b3257444136e6d3b5f176ee92d4fae507a97bac5 2705 openssl_1.1.1f-1ubuntu2.dsc
 f168835f03b3da0259aa16b241c756f999d325cb 141644 openssl_1.1.1f-1ubuntu2.debian.tar.xz
 748d74fff5c4cc8e2b61be77360b48a00ddd3979 5899 openssl_1.1.1f-1ubuntu2_source.buildinfo
Checksums-Sha256:
 2704b83cc9f62d3ff30bff22a032b543620ade054da30c600fd0e2385c8d7c1b 2705 openssl_1.1.1f-1ubuntu2.dsc
 2a2709358bc19e4f8a1f23e25c8457c1d4c69a78d47aa4fc8dbda14545a8ec5e 141644 openssl_1.1.1f-1ubuntu2.debian.tar.xz
 d51a19a1c5d5964024b1db5466ae19047d42da6c40d1ec42d98e80b4d3bf17a7 5899 openssl_1.1.1f-1ubuntu2_source.buildinfo
Files:
 724ff3d2695b2d03663ba1f66fe48a75 2705 utils optional openssl_1.1.1f-1ubuntu2.dsc
 837d72af937e8e8b69db4a73d808df68 141644 utils optional openssl_1.1.1f-1ubuntu2.debian.tar.xz
 958490edbbfdf01daab6f7f55376be84 5899 utils optional openssl_1.1.1f-1ubuntu2_source.buildinfo
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel at lists.alioth.debian.org>


More information about the Focal-changes mailing list