Package "openssl"
Name: |
openssl
|
Description: |
Secure Sockets Layer toolkit - cryptographic utility
|
Latest version: |
1.1.1f-1ubuntu2 |
Release: |
focal (20.04) |
Level: |
base |
Repository: |
main |
Homepage: |
https://www.openssl.org/ |
Links
Download "openssl"
Other versions of "openssl" in Focal
Packages in group
Deleted packages are displayed in grey.
Changelog
openssl (1.1.1f-1ubuntu2) focal; urgency=medium
* SECURITY UPDATE: Segmentation fault in SSL_check_chain
- debian/patches/CVE-2020-1967-1.patch: add test for CVE-2020-1967 in
test/recipes/70-test_sslsigalgs.t.
- debian/patches/CVE-2020-1967-2.patch: fix NULL dereference in
SSL_check_chain() for TLS 1.3 in ssl/t1_lib.c.
- debian/patches/CVE-2020-1967-3.patch: fix test in
test/recipes/70-test_sslsigalgs.t.
- debian/patches/CVE-2020-1967-4.patch: fix test in
test/recipes/70-test_sslsigalgs.t.
- CVE-2020-1967
-- Marc Deslauriers <email address hidden> Mon, 20 Apr 2020 07:53:50 -0400
|
Source diff to previous version |
CVE-2020-1967 |
Server or client applications that call the SSL_check_chain() function ... |
|
openssl (1.1.1f-1ubuntu1) focal; urgency=low
* Merge from Debian unstable. Remaining changes:
- Replace duplicate files in the doc directory with symlinks.
- debian/libssl1.1.postinst:
+ Display a system restart required notification on libssl1.1
upgrade on servers.
+ Use a different priority for libssl1.1/restart-services depending
on whether a desktop, or server dist-upgrade is being performed.
+ Bump version check to to 1.1.1.
+ Import libraries/restart-without-asking template as used by above.
- Revert "Enable system default config to enforce TLS1.2 as a
minimum" & "Increase default security level from 1 to 2".
- Reword the NEWS entry, as applicable on Ubuntu.
- Cherrypick s390x SIMD acceleration patches for poly1305 and chacha20
and ECC from master.
- Use perl:native in the autopkgtest for installability on i386.
- Set OPENSSL_TLS_SECURITY_LEVEL=2 as compiled-in minimum security
level. Change meaning of SECURITY_LEVEL=2 to prohibit TLS versions
below 1.2 and update documentation. Previous default of 1, can be set
by calling SSL_CTX_set_security_level(), SSL_set_security_level() or
using ':@SECLEVEL=1' CipherString value in openssl.cfg.
|
About
-
Send Feedback to @ubuntu_updates