Comment 3 for bug 1020621

This bug was fixed in the package openssl - 1.0.1-4ubuntu5.3

---------------
openssl (1.0.1-4ubuntu5.3) precise-security; urgency=low

  * SECURITY UPDATE: SSL_OP_ALL incorrectly disables TLS 1.1 (LP: #1018998)
    - debian/patches/lp1018998.patch: change SSL_OP_NO_TLSv1_1 from
      0x00000400L to 0x10000000L as in 1.0.1b to prevent applications
      compiled with SSL_OP_ALL from incorrectly disabling TLS 1.1.
  * debian/patches/lp1020621.patch: Make renegotiation work for TLS 1.2, 1.1
    by not using a lower record version client hello workaround if
    renegotiating. (LP: #1020621)
 -- Marc Deslauriers <email address hidden> Tue, 03 Jul 2012 11:36:01 -0400