[ubuntu/lucid-security] openssl_0.9.8k-7ubuntu8.3_powerpc_translations.tar.gz, openssl_0.9.8k-7ubuntu8.3_sparc_translations.tar.gz (delayed), openssl_0.9.8k-7ubuntu8.3_ia64_translations.tar.gz, openssl, openssl_0.9.8k-7ubuntu8.3_amd64_translations.tar.gz, openssl_0.9.8k-7ubuntu8.3_i386_translations.tar.gz, openssl_0.9.8k-7ubuntu8.3_armel_translations.tar.gz 0.9.8k-7ubuntu8.3 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Thu Oct 7 15:24:09 BST 2010
openssl (0.9.8k-7ubuntu8.3) lucid-security; urgency=low
* SECURITY UPDATE: denial of service and possible code execution via
crafted private key with an invalid prime.
- debian/patches/CVE-2010-2939.patch: set bn_ctx to NULL after freeing
it in ssl/s3_clnt.c.
- CVE-2010-2939
Date: Wed, 06 Oct 2010 16:54:34 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/openssl/0.9.8k-7ubuntu8.3
-------------- next part --------------
Format: 1.8
Date: Wed, 06 Oct 2010 16:54:34 -0400
Source: openssl
Binary: openssl openssl-doc libssl0.9.8 libcrypto0.9.8-udeb libssl0.9.8-udeb libssl-dev libssl0.9.8-dbg
Architecture: source
Version: 0.9.8k-7ubuntu8.3
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
libcrypto0.9.8-udeb - crypto shared library - udeb (udeb)
libssl-dev - SSL development libraries, header files and documentation
libssl0.9.8 - SSL shared libraries
libssl0.9.8-dbg - Symbol tables for libssl and libcrypto
libssl0.9.8-udeb - ssl shared library - udeb (udeb)
openssl - Secure Socket Layer (SSL) binary and related cryptographic tools
openssl-doc - Secure Socket Layer (SSL) documentation
Changes:
openssl (0.9.8k-7ubuntu8.3) lucid-security; urgency=low
.
* SECURITY UPDATE: denial of service and possible code execution via
crafted private key with an invalid prime.
- debian/patches/CVE-2010-2939.patch: set bn_ctx to NULL after freeing
it in ssl/s3_clnt.c.
- CVE-2010-2939
Checksums-Sha1:
a22708f3e9c0f4c167e3e6f1a7c5bcc11cc43c97 2102 openssl_0.9.8k-7ubuntu8.3.dsc
aab2be3bcdcbe862963924a25935e0274c1093b1 110269 openssl_0.9.8k-7ubuntu8.3.diff.gz
Checksums-Sha256:
542b1ba04aae99fd8d4d3dcfbb3ccc62031fadef79ce7aa859c21747aa28f527 2102 openssl_0.9.8k-7ubuntu8.3.dsc
f4ec42a0cc82214b596c9dc2a2f26651bce7eae45d1e36b56232c476dc80f4cc 110269 openssl_0.9.8k-7ubuntu8.3.diff.gz
Files:
1ca4fe91716b44545e7d95a6866ae831 2102 utils optional openssl_0.9.8k-7ubuntu8.3.dsc
c4f3879fd7476f5f7248be9bbbaa3728 110269 utils optional openssl_0.9.8k-7ubuntu8.3.diff.gz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel at lists.alioth.debian.org>
More information about the Lucid-changes
mailing list