[ubuntu/hardy-security] openssl_0.9.8g-4ubuntu3.11_sparc_translations.tar.gz (delayed), openssl_0.9.8g-4ubuntu3.11_i386_translations.tar.gz, openssl_0.9.8g-4ubuntu3.11_ia64_translations.tar.gz, openssl_0.9.8g-4ubuntu3.11_powerpc_translations.tar.gz, openssl, openssl_0.9.8g-4ubuntu3.11_lpia_translations.tar.gz, openssl_0.9.8g-4ubuntu3.11_hppa_translations.tar.gz, openssl_0.9.8g-4ubuntu3.11_amd64_translations.tar.gz 0.9.8g-4ubuntu3.11 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Thu Oct 7 15:25:07 BST 2010
openssl (0.9.8g-4ubuntu3.11) hardy-security; urgency=low
* SECURITY UPDATE: denial of service and possible code execution via
unchecked bn_wexpand return values. (LP: #655884)
- crypto/bn/{bn_mul,bn_div,bn_gf2m}.c, crypto/ec/ec2_smpl.c,
engines/e_ubsec.c: check return values.
- http://cvs.openssl.org/chngview?cn=18936
- http://cvs.openssl.org/chngview?cn=19309
- CVE-2009-3245
* SECURITY UPDATE: denial of service and possible code execution via
crafted private key with an invalid prime.
- ssl/s3_clnt.c: set bn_ctx to NULL after freeing it.
- http://www.mail-archive.com/openssl-dev@openssl.org/msg28049.html
- CVE-2010-2939
Date: Wed, 06 Oct 2010 18:21:02 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/hardy/+source/openssl/0.9.8g-4ubuntu3.11
-------------- next part --------------
Format: 1.7
Date: Wed, 06 Oct 2010 18:21:02 -0400
Source: openssl
Binary: openssl openssl-doc libssl0.9.8 libcrypto0.9.8-udeb libssl-dev libssl0.9.8-dbg
Architecture: source
Version: 0.9.8g-4ubuntu3.11
Distribution: hardy-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
libcrypto0.9.8-udeb - crypto shared library - udeb
libssl-dev - SSL development libraries, header files and documentation
libssl0.9.8 - SSL shared libraries
libssl0.9.8-dbg - Symbol tables for libssl and libcrypto
openssl - Secure Socket Layer (SSL) binary and related cryptographic tools
openssl-doc - Secure Socket Layer (SSL) documentation
Launchpad-Bugs-Fixed: 655884
Changes:
openssl (0.9.8g-4ubuntu3.11) hardy-security; urgency=low
.
* SECURITY UPDATE: denial of service and possible code execution via
unchecked bn_wexpand return values. (LP: #655884)
- crypto/bn/{bn_mul,bn_div,bn_gf2m}.c, crypto/ec/ec2_smpl.c,
engines/e_ubsec.c: check return values.
- http://cvs.openssl.org/chngview?cn=18936
- http://cvs.openssl.org/chngview?cn=19309
- CVE-2009-3245
* SECURITY UPDATE: denial of service and possible code execution via
crafted private key with an invalid prime.
- ssl/s3_clnt.c: set bn_ctx to NULL after freeing it.
- http://www.mail-archive.com/openssl-dev@openssl.org/msg28049.html
- CVE-2010-2939
Files:
e38c8afd9ab71e750a970278388de5ef 1563 utils optional openssl_0.9.8g-4ubuntu3.11.dsc
ae0451a4b1df18e95c03fd85b05d7db3 73561 utils optional openssl_0.9.8g-4ubuntu3.11.diff.gz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel at lists.alioth.debian.org>
More information about the Hardy-changes
mailing list