[ubuntu/precise-proposed] openssl 1.0.1-4ubuntu2 (Accepted)

Colin Watson cjwatson at ubuntu.com
Wed Apr 18 22:55:20 UTC 2012 

openssl (1.0.1-4ubuntu2) precise-proposed; urgency=low

  * Backport more upstream patches to work around TLS 1.2 failures
    (LP #965371):
    - Do not use record version number > TLS 1.0 in initial client hello:
      some (but not all) hanging servers will now work.
    - Truncate the number of ciphers sent in the client hello to 50.  Most
      broken servers should now work.
    - Don't allow TLS 1.2 SHA-256 ciphersuites in TLS 1.0, 1.1 connections.
  * Don't re-enable TLS 1.2 client support by default yet, since more of the
    sites listed in the above bug and its duplicates still fail if I do that
    versus leaving it disabled.

Date: Wed, 18 Apr 2012 15:03:56 +0100
Changed-By: Colin Watson <cjwatson at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/precise/+source/openssl/1.0.1-4ubuntu2
-------------- next part --------------
Format: 1.8
Date: Wed, 18 Apr 2012 15:03:56 +0100
Source: openssl
Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg
Architecture: source
Version: 1.0.1-4ubuntu2
Distribution: precise-proposed
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Colin Watson <cjwatson at ubuntu.com>
Description: 
 libcrypto1.0.0-udeb - crypto shared library - udeb (udeb)
 libssl-dev - SSL development libraries, header files and documentation
 libssl-doc - SSL development documentation documentation
 libssl1.0.0 - SSL shared libraries
 libssl1.0.0-dbg - Symbol tables for libssl and libcrypto
 libssl1.0.0-udeb - ssl shared library - udeb (udeb)
 openssl    - Secure Socket Layer (SSL) binary and related cryptographic tools
Changes: 
 openssl (1.0.1-4ubuntu2) precise-proposed; urgency=low
 .
   * Backport more upstream patches to work around TLS 1.2 failures
     (LP #965371):
     - Do not use record version number > TLS 1.0 in initial client hello:
       some (but not all) hanging servers will now work.
     - Truncate the number of ciphers sent in the client hello to 50.  Most
       broken servers should now work.
     - Don't allow TLS 1.2 SHA-256 ciphersuites in TLS 1.0, 1.1 connections.
   * Don't re-enable TLS 1.2 client support by default yet, since more of the
     sites listed in the above bug and its duplicates still fail if I do that
     versus leaving it disabled.
Checksums-Sha1: 
 417a5c8e8672f4b985a9d1f3750904d044b42d69 2423 openssl_1.0.1-4ubuntu2.dsc
 b39fee813d383a29dd6fa5c53d6f13852cdf0b93 98609 openssl_1.0.1-4ubuntu2.debian.tar.gz
Checksums-Sha256: 
 7e000b5cb86113eb90931a005646e37a11093d0f351d72e3a19912032d46bba6 2423 openssl_1.0.1-4ubuntu2.dsc
 d70c08cac91d03042d0d5bfa520d5282fee8a40144d6e30f0b853e04901283b5 98609 openssl_1.0.1-4ubuntu2.debian.tar.gz
Files: 
 d886bea9e055e866efadc4ee0af11fae 2423 utils optional openssl_1.0.1-4ubuntu2.dsc
 6d870aee7c882f81bccf8e8c4ebf778d 98609 utils optional openssl_1.0.1-4ubuntu2.debian.tar.gz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel at lists.alioth.debian.org>

More information about the Precise-changes mailing list