Bugs fixes in "openssl098"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2014-0195 | DTLS invalid fragment vulnerability | 2014-07-02 |
| CVE | CVE-2014-0221 | DTLS recursion flaw | 2014-07-02 |
| CVE | CVE-2014-0224 | SSL/TLS MITM vulnerability | 2014-07-02 |
| Launchpad | 1331452 | Please backport current CVEs for Precise LTS openssl098 | 2014-07-02 |
| Launchpad | 1332643 | pg_dump: Error message from server: SSL error: ccs received early | 2014-07-02 |
| CVE | CVE-2012-0884 | The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 in OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict certain | 2014-07-02 |
| CVE | CVE-2012-2333 | Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, | 2014-07-02 |
| CVE | CVE-2013-0166 | OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows | 2014-07-02 |
| CVE | CVE-2013-0169 | The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider t | 2014-07-02 |
| CVE | CVE-2014-0195 | DTLS invalid fragment vulnerability | 2014-07-02 |
| CVE | CVE-2014-0221 | DTLS recursion flaw | 2014-07-02 |
| CVE | CVE-2014-0224 | SSL/TLS MITM vulnerability | 2014-07-02 |
| Launchpad | 1331452 | Please backport current CVEs for Precise LTS openssl098 | 2014-07-02 |
| Launchpad | 1332643 | pg_dump: Error message from server: SSL error: ccs received early | 2014-07-02 |
| CVE | CVE-2011-1945 | The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm (ECDSA) is used for | 2012-05-02 |
| CVE | CVE-2011-3210 | The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through 0.9.8r and 1.0.x before 1.0.0e does not ensure thread safety during processing o | 2012-05-02 |
| CVE | CVE-2011-4108 | The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier fo | 2012-05-02 |
| CVE | CVE-2011-4019 | RESERVED | 2012-05-02 |
| CVE | CVE-2011-4576 | The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which | 2012-05-02 |
| CVE | CVE-2011-4577 | OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure | 2012-05-02 |
About
-
Send Feedback to @ubuntu_updates
