[ubuntu/precise-security] openssl 1.0.1-4ubuntu5.39 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Tue Jan 31 17:42:55 UTC 2017
openssl (1.0.1-4ubuntu5.39) precise-security; urgency=medium
* SECURITY UPDATE: Pointer arithmetic undefined behaviour
- debian/patches/CVE-2016-2177-pre.patch: check for ClientHello message
overruns in ssl/s3_srvr.c.
- debian/patches/CVE-2016-2177-pre2.patch: validate ClientHello
extension field length in ssl/t1_lib.c.
- debian/patches/CVE-2016-2177-pre3.patch: pass in a limit rather than
calculate it in ssl/s3_srvr.c, ssl/ssl_locl.h, ssl/t1_lib.c.
- debian/patches/CVE-2016-2177.patch: avoid undefined pointer
arithmetic in ssl/s3_srvr.c, ssl/t1_lib.c,
- CVE-2016-2177
* SECURITY UPDATE: ECDSA P-256 timing attack key recovery
- debian/patches/CVE-2016-7056.patch: use BN_mod_exp_mont_consttime in
crypto/ec/ec.h, crypto/ec/ec_lcl.h, crypto/ec/ec_lib.c,
crypto/ecdsa/ecs_ossl.c.
- CVE-2016-7056
* SECURITY UPDATE: DoS via warning alerts
- debian/patches/CVE-2016-8610.patch: don't allow too many consecutive
warning alerts in ssl/d1_pkt.c, ssl/s3_pkt.c, ssl/ssl.h,
ssl/ssl_locl.h.
- debian/patches/CVE-2016-8610-2.patch: fail if an unrecognised record
type is received in ssl/s3_pkt.c.
- CVE-2016-8610
* SECURITY UPDATE: Truncated packet could crash via OOB read
- debian/patches/CVE-2017-3731-pre.patch: sanity check
EVP_CTRL_AEAD_TLS_AAD in crypto/evp/e_aes.c,
crypto/evp/e_aes_cbc_hmac_sha1.c, crypto/evp/e_rc4_hmac_md5.c,
crypto/evp/evp.h, ssl/t1_enc.c.
- debian/patches/CVE-2017-3731.patch: harden RC4_MD5 cipher in
crypto/evp/e_rc4_hmac_md5.c.
- CVE-2017-3731
Date: 2017-01-30 20:33:21.449199+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.39
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list