Comment 7 for bug 1329297

This bug was fixed in the package openssl - 1.0.1f-1ubuntu2.3

---------------
openssl (1.0.1f-1ubuntu2.3) trusty-security; urgency=medium

  * SECURITY UPDATE: regression with tls_session_secret_cb (LP: #1329297)
    - debian/patches/CVE-2014-0224.patch: set the CCS_OK flag when using
      tls_session_secret_cb for session resumption in ssl/s3_clnt.c.
 -- Marc Deslauriers <email address hidden> Thu, 12 Jun 2014 08:29:16 -0400