[ubuntu/utopic-proposed] openssl 1.0.1f-1ubuntu9 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Thu Oct 16 15:53:31 UTC 2014 

openssl (1.0.1f-1ubuntu9) utopic; urgency=medium

  * SECURITY UPDATE: denial of service via DTLS SRTP memory leak
    - debian/patches/CVE-2014-3513.patch: fix logic in ssl/d1_srtp.c,
      ssl/srtp.h, ssl/t1_lib.c, util/mk1mf.pl, util/mkdef.pl,
      util/ssleay.num.
    - CVE-2014-3513
  * SECURITY UPDATE: denial of service via session ticket integrity check
    memory leak
    - debian/patches/CVE-2014-3567.patch: perform cleanup in ssl/t1_lib.c.
    - CVE-2014-3567
  * SECURITY UPDATE: fix the no-ssl3 build option
    - debian/patches/CVE-2014-3568.patch: fix conditional code in
      ssl/s23_clnt.c, ssl/s23_srvr.c.
    - CVE-2014-3568
  * SECURITY IMPROVEMENT: Added TLS_FALLBACK_SCSV support to mitigate a
    protocol downgrade attack to SSLv3 that exposes the POODLE attack.
    - debian/patches/tls_fallback_scsv_support.patch: added support for
      TLS_FALLBACK_SCSV in apps/s_client.c, crypto/err/openssl.ec,
      ssl/d1_lib.c, ssl/dtls1.h, ssl/s23_clnt.c, ssl/s23_srvr.c,
      ssl/s2_lib.c, ssl/s3_enc.c, ssl/s3_lib.c, ssl/ssl.h, ssl/ssl3.h,
      ssl/ssl_err.c, ssl/ssl_lib.c, ssl/t1_enc.c, ssl/tls1.h,
      doc/apps/s_client.pod, doc/ssl/SSL_CTX_set_mode.pod.

Date: Thu, 16 Oct 2014 10:56:10 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/utopic/+source/openssl/1.0.1f-1ubuntu9
-------------- next part --------------
Format: 1.8
Date: Thu, 16 Oct 2014 10:56:10 -0400
Source: openssl
Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg
Architecture: source
Version: 1.0.1f-1ubuntu9
Distribution: utopic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 libcrypto1.0.0-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl-doc - Secure Sockets Layer toolkit - development documentation
 libssl1.0.0 - Secure Sockets Layer toolkit - shared libraries
 libssl1.0.0-dbg - Secure Sockets Layer toolkit - debug information
 libssl1.0.0-udeb - ssl shared library - udeb (udeb)
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
Changes:
 openssl (1.0.1f-1ubuntu9) utopic; urgency=medium
 .
   * SECURITY UPDATE: denial of service via DTLS SRTP memory leak
     - debian/patches/CVE-2014-3513.patch: fix logic in ssl/d1_srtp.c,
       ssl/srtp.h, ssl/t1_lib.c, util/mk1mf.pl, util/mkdef.pl,
       util/ssleay.num.
     - CVE-2014-3513
   * SECURITY UPDATE: denial of service via session ticket integrity check
     memory leak
     - debian/patches/CVE-2014-3567.patch: perform cleanup in ssl/t1_lib.c.
     - CVE-2014-3567
   * SECURITY UPDATE: fix the no-ssl3 build option
     - debian/patches/CVE-2014-3568.patch: fix conditional code in
       ssl/s23_clnt.c, ssl/s23_srvr.c.
     - CVE-2014-3568
   * SECURITY IMPROVEMENT: Added TLS_FALLBACK_SCSV support to mitigate a
     protocol downgrade attack to SSLv3 that exposes the POODLE attack.
     - debian/patches/tls_fallback_scsv_support.patch: added support for
       TLS_FALLBACK_SCSV in apps/s_client.c, crypto/err/openssl.ec,
       ssl/d1_lib.c, ssl/dtls1.h, ssl/s23_clnt.c, ssl/s23_srvr.c,
       ssl/s2_lib.c, ssl/s3_enc.c, ssl/s3_lib.c, ssl/ssl.h, ssl/ssl3.h,
       ssl/ssl_err.c, ssl/ssl_lib.c, ssl/t1_enc.c, ssl/tls1.h,
       doc/apps/s_client.pod, doc/ssl/SSL_CTX_set_mode.pod.
Checksums-Sha1:
 e0228de73627c1cd05b3ec651e623da691a1a314 2417 openssl_1.0.1f-1ubuntu9.dsc
 77de30f40c9ea0fa1b9a082bd68b503d1688d987 140596 openssl_1.0.1f-1ubuntu9.debian.tar.xz
Checksums-Sha256:
 9a03b6feec279cb11555b876d88cb69cb6b67c753edd38c6a8540122193ffdd7 2417 openssl_1.0.1f-1ubuntu9.dsc
 e7073751d4cbdbdfc5ddd653efb8e30ae8ca5cf07e3b75d4947d5d492ceb0c71 140596 openssl_1.0.1f-1ubuntu9.debian.tar.xz
Files:
 f877fac8cb154af484097e4a5bafe582 2417 utils optional openssl_1.0.1f-1ubuntu9.dsc
 ed5093196dc0f2823dc17b5e96bcf6b4 140596 utils optional openssl_1.0.1f-1ubuntu9.debian.tar.xz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel at lists.alioth.debian.org>

More information about the Utopic-changes mailing list