Ubuntu
openssl package

openssl 0.9.8b-2ubuntu2 source package in Ubuntu

Changelog

openssl (0.9.8b-2ubuntu2) edgy; urgency=low

  * SECURITY UPDATE: Remote arbitrary code execution, remote DoS.
  * crypto/asn1/tasn_dec.c, asn1_d2i_ex_primitive(): Initialize 'ret' to avoid
    an infinite loop in some circumstances. [CVE-2006-2937]
  * ssl/ssl_lib.c, SSL_get_shared_ciphers(): Fix len comparison to correctly
    handle invalid long cipher list strings. [CVE-2006-3738]
  * ssl/s2_clnt.c, get_server_hello(): Check for NULL session certificate to
    avoid client crash with malicious server responses. [CVE-2006-4343]
  * Certain types of public key could take disproportionate amounts of time to
    process. Apply patch from Bodo Moeller to impose limits to public key type
    values (similar to Mozilla's libnss). Fixes CPU usage/memory DoS. [CVE-2006-2940]
  * Updated patch in previous package version to fix a few corner-case
    regressions. (This reverts the changes to rsa_eay.c/rsa.h/rsa_err.c, which
    were determined to not be necessary).

 -- Martin Pitt <email address hidden>   Wed, 27 Sep 2006 12:16:12 +0200

Upload details

Uploaded by:
Martin Pitt
Uploaded to:
Edgy
Original maintainer:
Debian OpenSSL Team
Architectures:
any
Section:
utils
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
openssl_0.9.8b.orig.tar.gz 3.1 MiB 69efed6275942f9312de61cf69aaef12b06c12f6b10f319672ce026a756f65c0
openssl_0.9.8b-2ubuntu2.diff.gz 46.5 KiB b8c96af4d84b379cf38ee91d68261ed3b5c1dda3c8f4d46683931b1d4a93772b
openssl_0.9.8b-2ubuntu2.dsc 811 bytes 4089913f6858f8c60541c318610de9b305b711a0c3e8068ba9c60615f4b11ac0

View changes file

Binary packages built by this source

libcrypto0.9.8-udeb: No summary available for libcrypto0.9.8-udeb in ubuntu edgy.

No description available for libcrypto0.9.8-udeb in ubuntu edgy.

libssl-dev: No summary available for libssl-dev in ubuntu feisty.

No description available for libssl-dev in ubuntu feisty.

libssl0.9.8: No summary available for libssl0.9.8 in ubuntu edgy.

No description available for libssl0.9.8 in ubuntu edgy.

libssl0.9.8-dbg: No summary available for libssl0.9.8-dbg in ubuntu feisty.

No description available for libssl0.9.8-dbg in ubuntu feisty.

openssl: No summary available for openssl in ubuntu edgy.

No description available for openssl in ubuntu edgy.