Package "openssl"
WARNING: the "openssl" package was deleted from this repository
Name: |
openssl
|
Description: |
Secure Socket Layer (SSL) binary and related cryptographic tools
|
Latest version: |
*DELETED* |
Release: |
precise (12.04) |
Level: |
proposed |
Repository: |
main |
Links
Download "openssl"
Other versions of "openssl" in Precise
Packages in group
Deleted packages are displayed in grey.
Changelog
openssl (1.0.1-4ubuntu5.22) precise; urgency=medium
* Fix DTLS handshake on amd64 (LP: #1425914)
- debian/patches/lp1425914.patch: backport upstream patch that fixes
alignment issue causing an assert in ssl/ssl_ciph.c.
-- Marc Deslauriers <email address hidden> Thu, 26 Feb 2015 13:05:15 -0500
|
1425914 |
DTLS handshake broken - precise x64 |
|
openssl (1.0.1-4ubuntu5.10) precise-security; urgency=low
* SECURITY UPDATE: Disable compression to avoid CRIME systemwide
(LP: #1187195)
- CVE-2012-4929
- debian/patches/openssl-1.0.1e-env-zlib.patch: disable default use of
zlib to compress SSL/TLS unless the environment variable
OPENSSL_DEFAULT_ZLIB is set in the environment during library
initialization.
- Introduced to assist with programs not yet updated to provide their own
controls on compression, such as Postfix
- http://pkgs.fedoraproject.org/cgit/openssl.git/plain/openssl-1.0.1e-env-zlib.patch
-- Seth Arnold <email address hidden> Mon, 03 Jun 2013 18:13:18 -0700
|
1187195 |
OpenSSL site-wide compression disable tracking bug |
CVE-2012-4929 |
The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, and other products, can encrypt compressed data without properly obfusca |
|
About
-
Send Feedback to @ubuntu_updates