openssl 0.9.7d-3ubuntu0.3 source package in Ubuntu
Changelog
openssl (0.9.7d-3ubuntu0.3) warty-security; urgency=low
* SECURITY UPDATE: Fix cryptographic weakness.
* ssl/s23_srvr.c:
- When using SSL_OP_MSIE_SSLV2_RSA_PADDING, do not disable the
protocol-version rollback check, so that a man-in-the-middle cannot
force a client and server to fall back to the insecure SSL 2.0 protocol.
- Problem discovered by Yutaka Oiwa.
* References:
CAN-2005-2969
http://www.openssl.org/news/secadv_20051011.txt
-- Martin Pitt <email address hidden> Thu, 13 Oct 2005 09:48:51 +0000
Upload details
- Uploaded by:
- Ubuntu Archive Auto-Sync
- Uploaded to:
- Warty
- Original maintainer:
- Christoph Martin
- Architectures:
- any
- Section:
- utils
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| openssl_0.9.7d-3ubuntu0.3.dsc | 636 bytes | 51c122dca63bd25cd6e888cb4c8869c412b11185775cc6921fba9a938ac09cb9 |
| openssl_0.9.7d.orig.tar.gz | 2.7 MiB | c25d51c20610429820fa835fe517087133309f889c5f82cc964950c4173b8079 |
| openssl_0.9.7d-3ubuntu0.3.diff.gz | 25.7 KiB | ea0cdf1f6210a6223fbc8f4c4d3f02463899469de895e56202773ffb9c626556 |
No changes file available.
Binary packages built by this source
- libssl-dev: No summary available for libssl-dev in ubuntu warty.
No description available for libssl-dev in ubuntu warty.
- libssl0.9.7: No summary available for libssl0.9.7 in ubuntu warty.
No description available for libssl0.9.7 in ubuntu warty.
- openssl: No summary available for openssl in ubuntu warty.
No description available for openssl in ubuntu warty.
