[ubuntu/precise] openssl 1.0.1-2ubuntu3 (Accepted)
Colin Watson
cjwatson at ubuntu.com
Fri Mar 30 16:15:43 UTC 2012
openssl (1.0.1-2ubuntu3) precise; urgency=low
* Temporarily work around TLS 1.2 failures as suggested by upstream
(LP #965371):
- Use client version when deciding whether to send supported signature
algorithms extension.
- Experimental workaround to large client hello issue: if
OPENSSL_NO_TLS1_2_CLIENT is set then TLS v1.2 is disabled for clients
only.
- Compile with -DOPENSSL_NO_TLS1_2_CLIENT.
This fixes most of the reported problems, but does not fix the case of
servers that reject version numbers they don't support rather than
trying to negotiate a lower version (e.g. www.mediafire.com).
Date: Fri, 30 Mar 2012 17:11:45 +0100
Changed-By: Colin Watson <cjwatson at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/precise/+source/openssl/1.0.1-2ubuntu3
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 30 Mar 2012 17:11:45 +0100
Source: openssl
Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg
Architecture: source
Version: 1.0.1-2ubuntu3
Distribution: precise
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Colin Watson <cjwatson at ubuntu.com>
Description:
libcrypto1.0.0-udeb - crypto shared library - udeb (udeb)
libssl-dev - SSL development libraries, header files and documentation
libssl-doc - SSL development documentation documentation
libssl1.0.0 - SSL shared libraries
libssl1.0.0-dbg - Symbol tables for libssl and libcrypto
libssl1.0.0-udeb - ssl shared library - udeb (udeb)
openssl - Secure Socket Layer (SSL) binary and related cryptographic tools
Changes:
openssl (1.0.1-2ubuntu3) precise; urgency=low
.
* Temporarily work around TLS 1.2 failures as suggested by upstream
(LP #965371):
- Use client version when deciding whether to send supported signature
algorithms extension.
- Experimental workaround to large client hello issue: if
OPENSSL_NO_TLS1_2_CLIENT is set then TLS v1.2 is disabled for clients
only.
- Compile with -DOPENSSL_NO_TLS1_2_CLIENT.
This fixes most of the reported problems, but does not fix the case of
servers that reject version numbers they don't support rather than
trying to negotiate a lower version (e.g. www.mediafire.com).
Checksums-Sha1:
74ead9b0e337af0ddcd7a683ac3ed2474411c593 2423 openssl_1.0.1-2ubuntu3.dsc
31ed8322bd968a6073aed1d926400c16e1e48ce4 95671 openssl_1.0.1-2ubuntu3.debian.tar.gz
Checksums-Sha256:
f3258ab4f31aaf2fa311d2795e5d6771461033eba14b685c68bf50ada2c059cc 2423 openssl_1.0.1-2ubuntu3.dsc
db301838e0629bc0b6a16f355cbb8cd8ac6082c12a8992e55e9af44e4ee09ccb 95671 openssl_1.0.1-2ubuntu3.debian.tar.gz
Files:
60dc53d1bd1466c0960e9b4ee50266ee 2423 utils optional openssl_1.0.1-2ubuntu3.dsc
57bfb884baf0aff0ed5434bfb0934fcb 95671 utils optional openssl_1.0.1-2ubuntu3.debian.tar.gz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Colin Watson <cjwatson at debian.org> -- Debian developer
iQIVAwUBT3XbYzk1h9l9hlALAQj6Bw//Tx29Fz+1HbYHjMu+Y3HDC4lbEiVgMX9k
BQghIb48EmnnXkXGDOvqo5xOxGcuoTrJ+ksN9qC/rEQgnKf0uNJTCbcLsiRHGjOE
zAmRnc46BqfbP3P+wvyPnCwIzY2Bx72h2VTNjfIjSv4+IaItumR9QYG6eX91DJn4
jnGjuYzBKgIAMTEsYAHgX/JgHi8n9ixrE6dkKD0RzPVa1RMJ4E3tWcNK1vM2zYLD
13Z39JJ1mbQIWvn5Q9Wt0DlS8sOa6XQbdLJo5Yy0/yoVEmDARR4A4E7eM0Sxh2tT
qVrwsSeuezPsApKqBfJA33KoyRX4cXG0tfX6fMp1ihevWdZWdekEx+XThw3tM+0M
JZbTLgFORFDjNjdMLttJHzjWJ9pakC28u1B3xv5tXKy2wvKtz3483xuvxtvqy05a
2N/nP54ELpQMYgqcoJKlHWRSTxn5be0XAyZ72iQ8KzLcW+oazqPNyw2ySq+GFetu
tF6nYJ/4GQR/iqyZKvhlZzbr4E6tWiMTjnboVvUYfD4ABkmwRmc8WcR6EvNXjBej
Gd857y5RjboPgNz45j9bWXiWgqAvTIo2VlbGjR7CgK1HsVcK1WF53CHOYV1HIKk9
QqciY8JjoRmeiRkawF+521M3KvjFmQuUz6WuHQHw2nqyvzvWJaSsdVPSnXQKjTkS
2SrMnYK+xak=
=JXIc
-----END PGP SIGNATURE-----
More information about the Precise-changes
mailing list