Openssl security updates for Precise 12.04 - CVE-2015-3197

Asked by Dinesh Kandavel on 2016-01-29

As per openssl security advisory (https://www.openssl.org/news/secadv/20160128.txt), CVE-2015-3197 affects OpenSSL 1.0.1. But ubuntu cve tracker (http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-0701.html) shows that ubuntu precise pangolin is not affected.

Could you please confirm whether CVE-2015-3197 does not affect 1.0.1-4ubuntu5.33 ?

Thanks,
Dinesh.

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu openssl Edit question
Assignee:
No assignee Edit question
Last query:
2016-01-29
Last reply:
2016-01-30

I suggest you report a bug

Manfred Hampl (m-hampl) said : #2

Don't confuse CVE-2015-3197 and CVE-2016-0701

According to http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-3197.html
"mdeslaur> openssl in Ubuntu is compiled with no-ssl2"

Can you help with this problem?

Provide an answer of your own, or ask Dinesh Kandavel for more information if necessary.

To post a message you must log in.