Change logs for openssl source package in Saucy

  • openssl (1.0.1e-3ubuntu1.6) saucy-security; urgency=medium
    
      * SECURITY UPDATE: regression with certain renegotiations (LP: #1332643)
        - debian/patches/CVE-2014-0224-regression2.patch: accept CCS after
          sending finished in ssl/s3_clnt.c.
     -- Marc Deslauriers <email address hidden>   Fri, 20 Jun 2014 13:56:05 -0400
  • openssl (1.0.1e-3ubuntu1.5) saucy-security; urgency=medium
    
      * SECURITY UPDATE: regression with tls_session_secret_cb (LP: #1329297)
        - debian/patches/CVE-2014-0224.patch: set the CCS_OK flag when using
          tls_session_secret_cb for session resumption in ssl/s3_clnt.c.
     -- Marc Deslauriers <email address hidden>   Thu, 12 Jun 2014 08:30:03 -0400
  • openssl (1.0.1e-3ubuntu1.4) saucy-security; urgency=medium
    
      * SECURITY UPDATE: arbitrary code execution via DTLS invalid fragment
        - debian/patches/CVE-2014-0195.patch: add consistency check for DTLS
          fragments in ssl/d1_both.c.
        - CVE-2014-0195
      * SECURITY UPDATE: denial of service via DTLS recursion flaw
        - debian/patches/CVE-2014-0221.patch: handle DTLS hello request without
          recursion in ssl/d1_both.c.
        - CVE-2014-0221
      * SECURITY UPDATE: MITM via change cipher spec
        - debian/patches/CVE-2014-0224-1.patch: only accept change cipher spec
          when it is expected in ssl/s3_clnt.c, ssl/s3_pkt.c, ssl/s3_srvr.c,
          ssl/ssl3.h.
        - debian/patches/CVE-2014-0224-2.patch: don't accept zero length master
          secrets in ssl/s3_pkt.c.
        - debian/patches/CVE-2014-0224-3.patch: allow CCS after resumption in
          ssl/s3_clnt.c.
        - CVE-2014-0224
      * SECURITY UPDATE: denial of service via ECDH null session cert
        - debian/patches/CVE-2014-3470.patch: check session_cert is not NULL
          before dereferencing it in ssl/s3_clnt.c.
        - CVE-2014-3470
     -- Marc Deslauriers <email address hidden>   Mon, 02 Jun 2014 14:04:18 -0400
  • openssl (1.0.1e-3ubuntu1.3) saucy-security; urgency=medium
    
      * SECURITY UPDATE: denial of service via use after free
        - debian/patches/CVE-2010-5298.patch: check s->s3->rbuf.left before
          releasing buffers in ssl/s3_pkt.c.
        - CVE-2010-5298
      * SECURITY UPDATE: denial of service via null pointer dereference
        - debian/patches/CVE-2014-0198.patch: if buffer was released, get a new
          one in ssl/s3_pkt.c.
        - CVE-2014-0198
     -- Marc Deslauriers <email address hidden>   Fri, 02 May 2014 15:27:06 -0400
  • openssl (1.0.1e-3ubuntu1.2) saucy-security; urgency=medium
    
      * SECURITY UPDATE: side-channel attack on Montgomery ladder implementation
        - debian/patches/CVE-2014-0076.patch: add and use constant time swap in
          crypto/bn/bn.h, crypto/bn/bn_lib.c, crypto/ec/ec2_mult.c,
          util/libeay.num.
        - CVE-2014-0076
      * SECURITY UPDATE: memory disclosure in TLS heartbeat extension
        - debian/patches/CVE-2014-0160.patch: use correct lengths in
          ssl/d1_both.c, ssl/t1_lib.c.
        - CVE-2014-0160
     -- Marc Deslauriers <email address hidden>   Mon, 07 Apr 2014 15:43:47 -0400
  • openssl (1.0.1e-3ubuntu1.1) saucy-security; urgency=low
    
      * SECURITY UPDATE: denial of service via invalid TLS handshake
        - debian/patches/CVE-2013-4353.patch: handle no new cipher setup in
          ssl/s3_both.c.
        - CVE-2013-4353
      * SECURITY UPDATE: denial of service via incorrect data structure
        - debian/patches/CVE-2013-6449.patch: check for handshake digests in
          ssl/s3_both.c, ssl/s3_pkt.c, ssl/t1_enc.c, use proper version in
          ssl/s3_lib.c.
        - CVE-2013-6449
      * SECURITY UPDATE: denial of service via DTLS retransmission
        - debian/patches/CVE-2013-6450.patch: fix DTLS retransmission in
          crypto/evp/digest.c, ssl/d1_both.c, ssl/s3_pkt.c, ssl/s3_srvr.c,
          ssl/ssl_locl.h, ssl/t1_enc.c.
        - CVE-2013-6450
      * debian/patches/no_default_rdrand.patch: Don't use rdrand engine as
        default unless explicitly requested.
     -- Marc Deslauriers <email address hidden>   Wed, 08 Jan 2014 14:47:29 -0500
  • openssl (1.0.1e-3ubuntu1) saucy; urgency=low
    
      * Merge with Debian, remaining changes.
        - debian/libssl1.0.0.postinst:
          + Display a system restart required notification on libssl1.0.0
            upgrade on servers.
          + Use a different priority for libssl1.0.0/restart-services depending
            on whether a desktop, or server dist-upgrade is being performed.
        - debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
          libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
          in Debian).
        - debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
          rules}: Move runtime libraries to /lib, for the benefit of
          wpasupplicant.
        - debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
          .pc.
        - debian/rules:
          + Don't run 'make test' when cross-building.
          + Use host compiler when cross-building.  Patch from Neil Williams.
          + Don't build for processors no longer supported: i586 (on i386)
          + Fix Makefile to properly clean up libs/ dirs in clean target.
          + Replace duplicate files in the doc directory with symlinks.
        - Unapply patch c_rehash-multi and comment it out in the series as it
          breaks parsing of certificates with CRLF line endings and other cases
          (see Debian #642314 for discussion), it also changes the semantics of
          c_rehash directories by requiring applications to parse hash link
          targets as files containing potentially *multiple* certificates rather
          than exactly one.
        - debian/patches/tls12_workarounds.patch: Work around large client hello
          issues when TLS 1.1 and lower is in use
        - debian/control: Mark Debian Vcs-* as XS-Debian-Vcs-*
        - debian/patches/ubuntu_deb676533_arm_asm.patch: Enable arm assembly
          code.
        - debian/patches/arm64-support: Add basic arm64 support (no assembler)
        - debian/rules: Enable optimized 64bit elliptic curve code contributed
          by Google.
      * debian/patches/tls12_workarounds.patch: updated to also disable TLS 1.2
        in test suite since we disable it in the client.
      * Disable compression to avoid CRIME systemwide (CVE-2012-4929).
      * Dropped changes:
        - debian/patches/ubuntu_deb676533_arm_asm.patch, applied in Debian.
    
    openssl (1.0.1e-3) unstable; urgency=low
    
      * Move <openssl/opensslconf.h> to /usr/include/$(DEB_HOST_MULTIARCH), and
        mark libssl-dev Multi-Arch: same.
        Patch by Colin Watson <email address hidden> (Closes: #689093)
      * Add Polish translation (Closes: #658162)
      * Add Turkish translation (Closes: #660971)
      * Enable assembler for the arm targets, and remove armeb.
        Patch by Riku Voipio <email address hidden> (Closes: #676533)
      * Add support for x32 (Closes: #698406)
      * enable ec_nistp_64_gcc_128 on *-amd64 (Closes: #698447)
     -- Matthias Klose <email address hidden>   Mon, 15 Jul 2013 14:07:52 +0200
  • openssl (1.0.1e-2ubuntu1.1) saucy-security; urgency=low
    
      * SECURITY UPDATE: Disable compression to avoid CRIME systemwide
        (LP: #1187195)
        - CVE-2012-4929
        - debian/patches/openssl-1.0.1e-env-zlib.patch: disable default use of
          zlib to compress SSL/TLS unless the environment variable
          OPENSSL_DEFAULT_ZLIB is set in the environment during library
          initialization.
        - Introduced to assist with programs not yet updated to provide their own
          controls on compression, such as Postfix
        - http://pkgs.fedoraproject.org/cgit/openssl.git/plain/openssl-1.0.1e-env-zlib.patch
     -- Seth Arnold <email address hidden>   Mon, 03 Jun 2013 18:14:05 -0700
  • openssl (1.0.1e-2ubuntu1) saucy; urgency=low
    
      * Resynchronise with Debian unstable.  Remaining changes:
        - debian/libssl1.0.0.postinst:
          + Display a system restart required notification on libssl1.0.0
            upgrade on servers.
          + Use a different priority for libssl1.0.0/restart-services depending
            on whether a desktop, or server dist-upgrade is being performed.
        - debian/{libssl1.0.0-udeb.dirs, control, rules}: Create
          libssl1.0.0-udeb, for the benefit of wget-udeb (no wget-udeb package
          in Debian).
        - debian/{libcrypto1.0.0-udeb.dirs, libssl1.0.0.dirs, libssl1.0.0.files,
          rules}: Move runtime libraries to /lib, for the benefit of
          wpasupplicant.
        - debian/patches/perlpath-quilt.patch: Don't change perl #! paths under
          .pc.
        - debian/rules:
          + Don't run 'make test' when cross-building.
          + Use host compiler when cross-building.  Patch from Neil Williams.
          + Don't build for processors no longer supported: i586 (on i386)
          + Fix Makefile to properly clean up libs/ dirs in clean target.
          + Replace duplicate files in the doc directory with symlinks.
        - Unapply patch c_rehash-multi and comment it out in the series as it
          breaks parsing of certificates with CRLF line endings and other cases
          (see Debian #642314 for discussion), it also changes the semantics of
          c_rehash directories by requiring applications to parse hash link
          targets as files containing potentially *multiple* certificates rather
          than exactly one.
        - debian/patches/tls12_workarounds.patch: Work around large client hello
          issues when TLS 1.1 and lower is in use
        - debian/control: Mark Debian Vcs-* as XS-Debian-Vcs-*
        - debian/patches/ubuntu_deb676533_arm_asm.patch: Enable arm assembly
          code.
        - debian/patches/arm64-support: Add basic arm64 support (no assembler)
        - debian/rules: Enable optimized 64bit elliptic curve code contributed
          by Google.
      * debian/patches/tls12_workarounds.patch: updated to also disable TLS 1.2
        in test suite since we disable it in the client.
      * Dropped changes:
        - debian/patches/CVE-2013-0169.patch: upstream.
        - debian/patches/fix_key_decoding_deadlock.patch: upstream.
        - debian/patches/CVE-2013-0166.patch: upstream.
    
    openssl (1.0.1e-2) unstable; urgency=high
    
      * Bump shlibs.  It's needed for the udeb.
      * Make cpuid work on CPUs that don't set ecx (Closes: #699692)
      * Fix problem with AES-NI causing bad record mac (Closes: #701868, #702635, #678353)
      * Fix problem with DTLS version check (Closes: #701826)
      * Fix segfault in SSL_get_certificate (Closes: #703031)
    
    openssl (1.0.1e-1) unstable; urgency=high
    
      * New upstream version (Closes: #699889)
        - Fixes CVE-2013-0169, CVE-2012-2686, CVE-2013-0166
        - Drop renegiotate_tls.patch, applied upstream
        - Export new CRYPTO_memcmp symbol, update symbol file
      * Add ssltest_no_sslv2.patch so that "make test" works.
    
    openssl (1.0.1c-5) unstable; urgency=low
    
      * Re-enable assembler versions on sparc.  They shouldn't have
        been disabled for sparc v9.  (Closes: #649841)
     -- Marc Deslauriers <email address hidden>   Tue, 21 May 2013 16:31:47 -0400
  • openssl (1.0.1c-4ubuntu8) raring; urgency=low
    
      * SECURITY UPDATE: "Lucky Thirteen" timing side-channel TLS attack
        - debian/patches/CVE-2013-0169.patch: re-enabled patch and added extra
          commit from upstream to fix regression.
        - CVE-2013-0169
     -- Marc Deslauriers <email address hidden>   Tue, 19 Mar 2013 14:33:14 -0400