openssl 1.1.0g-2ubuntu5 source package in Ubuntu
Changelog
openssl (1.1.0g-2ubuntu5) cosmic; urgency=medium
* SECURITY UPDATE: ECDSA key extraction side channel
- debian/patches/CVE-2018-0495.patch: add blinding to an ECDSA
signature in crypto/ec/ecdsa_ossl.c.
- CVE-2018-0495
* SECURITY UPDATE: denial of service via long prime values
- debian/patches/CVE-2018-0732.patch: reject excessively large primes
in DH key generation in crypto/dh/dh_key.c.
- CVE-2018-0732
* SECURITY UPDATE: RSA cache timing side channel attack
- debian/patches/CVE-2018-0737-1.patch: replaced variable-time GCD in
crypto/rsa/rsa_gen.c.
- debian/patches/CVE-2018-0737-2.patch: used ERR set/pop mark in
crypto/rsa/rsa_gen.c.
- debian/patches/CVE-2018-0737-3.patch: consttime flag changed in
crypto/rsa/rsa_gen.c.
- debian/patches/CVE-2018-0737-4.patch: ensure BN_mod_inverse and
BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set in
crypto/rsa/rsa_gen.c.
- CVE-2018-0737
-- Marc Deslauriers <email address hidden> Wed, 20 Jun 2018 07:13:37 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Cosmic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- utils
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| openssl_1.1.0g.orig.tar.gz | 5.2 MiB | de4d501267da39310905cb6dc8c6121f7a2cad45a7707f76df828fe1b85073af |
| openssl_1.1.0g.orig.tar.gz.asc | 455 bytes | 2a7532e6722aab8989644049ba5c1d3a5fce417aa4b18235eec901224098bbed |
| openssl_1.1.0g-2ubuntu5.debian.tar.xz | 73.9 KiB | e544407abbeb22139617887b93b97d212c3153d5367dfcd30c1c2b64e3a8fdb0 |
| openssl_1.1.0g-2ubuntu5.dsc | 2.6 KiB | 87074f7bf6c7edc83a2bb5b5b17278131979dd34b8b329c5316dba712c36f87a |
Available diffs
Binary packages built by this source
- libcrypto1.1-udeb: No summary available for libcrypto1.1-udeb in ubuntu cosmic.
No description available for libcrypto1.1-udeb in ubuntu cosmic.
- libssl-dev: No summary available for libssl-dev in ubuntu cosmic.
No description available for libssl-dev in ubuntu cosmic.
- libssl-doc: No summary available for libssl-doc in ubuntu cosmic.
No description available for libssl-doc in ubuntu cosmic.
- libssl1.1: No summary available for libssl1.1 in ubuntu cosmic.
No description available for libssl1.1 in ubuntu cosmic.
- libssl1.1-dbgsym: No summary available for libssl1.1-dbgsym in ubuntu cosmic.
No description available for libssl1.1-dbgsym in ubuntu cosmic.
- libssl1.1-udeb: No summary available for libssl1.1-udeb in ubuntu cosmic.
No description available for libssl1.1-udeb in ubuntu cosmic.
- openssl: No summary available for openssl in ubuntu cosmic.
No description available for openssl in ubuntu cosmic.
- openssl-dbgsym: No summary available for openssl-dbgsym in ubuntu cosmic.
No description available for openssl-dbgsym in ubuntu cosmic.
