[ubuntu/precise-security] openssl_1.0.1-4ubuntu5.2_armel_translations.tar.gz, openssl_1.0.1-4ubuntu5.2_amd64_translations.tar.gz, openssl, openssl_1.0.1-4ubuntu5.2_i386_translations.tar.gz, openssl_1.0.1-4ubuntu5.2_armhf_translations.tar.gz, openssl_1.0.1-4ubuntu5.2_powerpc_translations.tar.gz 1.0.1-4ubuntu5.2 (Accepted)

Steve Beattie sbeattie at ubuntu.com
Thu May 24 19:04:16 UTC 2012 

openssl (1.0.1-4ubuntu5.2) precise-security; urgency=low

  * SECURITY UPDATE: denial of service attack in DTLS, TLS v1.1 and
    TLS v1.2 implementation
    - debian/patches/CVE_2012-2333.patch: guard for integer overflow
      before skipping explicit IV
    - CVE-2012-2333
  * debian/patches/CVE-2012-0884-extra.patch: initialize tkeylen
    properly when encrypting CMS messages.

Date: Tue, 22 May 2012 16:05:12 -0700
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/precise/+source/openssl/1.0.1-4ubuntu5.2
-------------- next part --------------
Format: 1.8
Date: Tue, 22 May 2012 16:05:12 -0700
Source: openssl
Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg
Architecture: source
Version: 1.0.1-4ubuntu5.2
Distribution: precise-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description: 
 libcrypto1.0.0-udeb - crypto shared library - udeb (udeb)
 libssl-dev - SSL development libraries, header files and documentation
 libssl-doc - SSL development documentation documentation
 libssl1.0.0 - SSL shared libraries
 libssl1.0.0-dbg - Symbol tables for libssl and libcrypto
 libssl1.0.0-udeb - ssl shared library - udeb (udeb)
 openssl    - Secure Socket Layer (SSL) binary and related cryptographic tools
Changes: 
 openssl (1.0.1-4ubuntu5.2) precise-security; urgency=low
 .
   * SECURITY UPDATE: denial of service attack in DTLS, TLS v1.1 and
     TLS v1.2 implementation
     - debian/patches/CVE_2012-2333.patch: guard for integer overflow
       before skipping explicit IV
     - CVE-2012-2333
   * debian/patches/CVE-2012-0884-extra.patch: initialize tkeylen
     properly when encrypting CMS messages.
Checksums-Sha1: 
 0ec4d2216f07a9baaca461233aca05c21a602572 2378 openssl_1.0.1-4ubuntu5.2.dsc
 1c30811aa869130f695d97d326f91162919a7ea9 102851 openssl_1.0.1-4ubuntu5.2.debian.tar.gz
Checksums-Sha256: 
 0cdf74c34b2d95ba0cc0362f767f38c1e4618d94e950e675d6962ec6ea5a182f 2378 openssl_1.0.1-4ubuntu5.2.dsc
 c7ae769a2bfb847d61494aacc9a1456dec2b2577c5f570a55a882e57c977d130 102851 openssl_1.0.1-4ubuntu5.2.debian.tar.gz
Files: 
 a7e049d21db01c49f79e5c28162ed468 2378 utils optional openssl_1.0.1-4ubuntu5.2.dsc
 9f78eb4f18963938b29a15c2432669a8 102851 utils optional openssl_1.0.1-4ubuntu5.2.debian.tar.gz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel at lists.alioth.debian.org>

More information about the Precise-changes mailing list