[ubuntu/wily-security] openssl 1.0.2d-0ubuntu1.3 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Thu Jan 28 15:26:15 UTC 2016
openssl (1.0.2d-0ubuntu1.3) wily-security; urgency=medium
* SECURITY UPDATE: DH small subgroups issue
- debian/patches/CVE-2016-0701.patch: add a test for small subgroup
attacks in crypto/dh/dhtest.c, always generate DH keys for ephemeral
DH cipher suites in doc/ssl/SSL_CTX_set_tmp_dh_callback.pod,
ssl/s3_lib.c, ssl/s3_srvr.c, ssl/ssl.h, prevent small subgroup
attacks on DH/DHE in crypto/dh/dh.h, crypto/dh/dh_check.c.
- CVE-2016-0701
Date: 2016-01-25 19:43:16.579292+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/openssl/1.0.2d-0ubuntu1.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Wily-changes
mailing list