openssl 1.1.1j-1ubuntu3 source package in Ubuntu

Changelog

openssl (1.1.1j-1ubuntu3) hirsute; urgency=medium

  * SECURITY UPDATE: NULL pointer deref in signature_algorithms processing
    - debian/patches/CVE-2021-3449-1.patch: fix NULL pointer dereference in
      ssl/statem/extensions.c.
    - debian/patches/CVE-2021-3449-2.patch: teach TLSProxy how to encrypt
      <= TLSv1.2 ETM records in util/perl/TLSProxy/Message.pm.
    - debian/patches/CVE-2021-3449-3.patch: add a test to
      test/recipes/70-test_renegotiation.t.
    - debian/patches/CVE-2021-3449-4.patch: ensure buffer/length pairs are
      always in sync in ssl/s3_lib.c, ssl/ssl_lib.c,
      ssl/statem/extensions.c, ssl/statem/extensions_clnt.c,
      ssl/statem/statem_clnt.c, ssl/statem/statem_srvr.c.
    - CVE-2021-3449
  * SECURITY UPDATE: CA cert check bypass with X509_V_FLAG_X509_STRICT
    - debian/patches/CVE-2021-3450-1.patch: do not override error return
      value by check_curve in crypto/x509/x509_vfy.c,
      test/verify_extra_test.c.
    - debian/patches/CVE-2021-3450-2.patch: fix return code check in
      crypto/x509/x509_vfy.c.
    - CVE-2021-3450

 -- Marc Deslauriers <email address hidden>  Thu, 25 Mar 2021 11:44:30 -0400

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Hirsute
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
utils
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
openssl_1.1.1j.orig.tar.gz 9.4 MiB aaf2fcb575cdf6491b98ab4829abf78a3dec8402b8b81efc8f23c00d443981bf
openssl_1.1.1j.orig.tar.gz.asc 488 bytes 02571ae2fb2de5a1bc613106caabb1c4007b5268312aba221ed873c365fd9c99
openssl_1.1.1j-1ubuntu3.debian.tar.xz 145.7 KiB c10f9c73ffd45ce06047c9d89d70cc40be04a919a2b0af5823c996c64947070e
openssl_1.1.1j-1ubuntu3.dsc 2.7 KiB 560df8dee88e42ab1662a5979a26541b1d91ddf7db6bae007fb629622444b94d

View changes file

Binary packages built by this source

libssl-dev: No summary available for libssl-dev in ubuntu hirsute.

No description available for libssl-dev in ubuntu hirsute.

libssl-doc: No summary available for libssl-doc in ubuntu hirsute.

No description available for libssl-doc in ubuntu hirsute.

libssl1.1: No summary available for libssl1.1 in ubuntu hirsute.

No description available for libssl1.1 in ubuntu hirsute.

libssl1.1-dbgsym: No summary available for libssl1.1-dbgsym in ubuntu hirsute.

No description available for libssl1.1-dbgsym in ubuntu hirsute.

openssl: No summary available for openssl in ubuntu impish.

No description available for openssl in ubuntu impish.

openssl-dbgsym: No summary available for openssl-dbgsym in ubuntu impish.

No description available for openssl-dbgsym in ubuntu impish.