[ubuntu/precise-proposed] openssl 1.0.1-4ubuntu2 (Accepted)
Colin Watson
cjwatson at ubuntu.com
Wed Apr 18 22:55:20 UTC 2012
openssl (1.0.1-4ubuntu2) precise-proposed; urgency=low
* Backport more upstream patches to work around TLS 1.2 failures
(LP #965371):
- Do not use record version number > TLS 1.0 in initial client hello:
some (but not all) hanging servers will now work.
- Truncate the number of ciphers sent in the client hello to 50. Most
broken servers should now work.
- Don't allow TLS 1.2 SHA-256 ciphersuites in TLS 1.0, 1.1 connections.
* Don't re-enable TLS 1.2 client support by default yet, since more of the
sites listed in the above bug and its duplicates still fail if I do that
versus leaving it disabled.
Date: Wed, 18 Apr 2012 15:03:56 +0100
Changed-By: Colin Watson <cjwatson at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/precise/+source/openssl/1.0.1-4ubuntu2
-------------- next part --------------
Format: 1.8
Date: Wed, 18 Apr 2012 15:03:56 +0100
Source: openssl
Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg
Architecture: source
Version: 1.0.1-4ubuntu2
Distribution: precise-proposed
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Colin Watson <cjwatson at ubuntu.com>
Description:
libcrypto1.0.0-udeb - crypto shared library - udeb (udeb)
libssl-dev - SSL development libraries, header files and documentation
libssl-doc - SSL development documentation documentation
libssl1.0.0 - SSL shared libraries
libssl1.0.0-dbg - Symbol tables for libssl and libcrypto
libssl1.0.0-udeb - ssl shared library - udeb (udeb)
openssl - Secure Socket Layer (SSL) binary and related cryptographic tools
Changes:
openssl (1.0.1-4ubuntu2) precise-proposed; urgency=low
.
* Backport more upstream patches to work around TLS 1.2 failures
(LP #965371):
- Do not use record version number > TLS 1.0 in initial client hello:
some (but not all) hanging servers will now work.
- Truncate the number of ciphers sent in the client hello to 50. Most
broken servers should now work.
- Don't allow TLS 1.2 SHA-256 ciphersuites in TLS 1.0, 1.1 connections.
* Don't re-enable TLS 1.2 client support by default yet, since more of the
sites listed in the above bug and its duplicates still fail if I do that
versus leaving it disabled.
Checksums-Sha1:
417a5c8e8672f4b985a9d1f3750904d044b42d69 2423 openssl_1.0.1-4ubuntu2.dsc
b39fee813d383a29dd6fa5c53d6f13852cdf0b93 98609 openssl_1.0.1-4ubuntu2.debian.tar.gz
Checksums-Sha256:
7e000b5cb86113eb90931a005646e37a11093d0f351d72e3a19912032d46bba6 2423 openssl_1.0.1-4ubuntu2.dsc
d70c08cac91d03042d0d5bfa520d5282fee8a40144d6e30f0b853e04901283b5 98609 openssl_1.0.1-4ubuntu2.debian.tar.gz
Files:
d886bea9e055e866efadc4ee0af11fae 2423 utils optional openssl_1.0.1-4ubuntu2.dsc
6d870aee7c882f81bccf8e8c4ebf778d 98609 utils optional openssl_1.0.1-4ubuntu2.debian.tar.gz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel at lists.alioth.debian.org>
More information about the Precise-changes
mailing list