[Bug 1020621] Re: TLS 1.1 and 1.2 renegotiation failure
Launchpad Bug Tracker
1020621 at bugs.launchpad.net
Wed Jul 25 13:29:09 UTC 2012
This bug was fixed in the package openssl - 1.0.1-4ubuntu5.3
---------------
openssl (1.0.1-4ubuntu5.3) precise-security; urgency=low
* SECURITY UPDATE: SSL_OP_ALL incorrectly disables TLS 1.1 (LP: #1018998)
- debian/patches/lp1018998.patch: change SSL_OP_NO_TLSv1_1 from
0x00000400L to 0x10000000L as in 1.0.1b to prevent applications
compiled with SSL_OP_ALL from incorrectly disabling TLS 1.1.
* debian/patches/lp1020621.patch: Make renegotiation work for TLS 1.2, 1.1
by not using a lower record version client hello workaround if
renegotiating. (LP: #1020621)
-- Marc Deslauriers <marc.deslauriers at ubuntu.com> Tue, 03 Jul 2012 11:36:01 -0400
** Changed in: openssl (Ubuntu Precise)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1020621
Title:
TLS 1.1 and 1.2 renegotiation failure
Status in OpenSSL cryptography and SSL/TLS toolkit:
Fix Released
Status in “openssl” package in Ubuntu:
Fix Released
Status in “openssl” source package in Precise:
Fix Released
Status in “openssl” source package in Quantal:
Fix Released
Bug description:
Openssl renegotiation is broken with tls 1.1 and 1.2:
openssl s_server
and s_client
press R
the result is:
RENEGOTIATING
140543847671464:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:340:
To manage notifications about this bug go to:
https://bugs.launchpad.net/openssl/+bug/1020621/+subscriptions
More information about the foundations-bugs
mailing list