Merge openssl 0.9.8o-4 (main) from Debian unstable (main)

Bug #693902 reported by Artur Rona on 2010-12-23
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
openssl (Ubuntu)
Medium
Kees Cook
Natty
Medium
Kees Cook

Bug Description

Binary package hint: openssl

openssl (0.9.8o-4) unstable; urgency=low

   * Fix CVE-2010-4180 (Closes: #529221)

 -- Kurt Roeckx <email address hidden> Mon, 06 Dec 2010 20:33:21 +0100

Related branches

CVE References

Artur Rona (ari-tczew) wrote :
Changed in openssl (Ubuntu):
status: New → Confirmed
Kees Cook (kees) wrote :

Thanks! I've uploaded this now.

Changed in openssl (Ubuntu Natty):
assignee: nobody → Kees Cook (kees)
status: Confirmed → Fix Committed
importance: Undecided → Medium
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openssl - 0.9.8o-4ubuntu1

---------------
openssl (0.9.8o-4ubuntu1) natty; urgency=low

  * Merge from debian unstable. Remaining changes: (LP: #693902)
    - debian/patches/Bsymbolic-functions.patch: Link using
      -Bsymbolic-functions.
    - Use a different priority for libssl0.9.8/restart-services
      depending on whether a desktop, or server dist-upgrade is being
      performed.
    - Display a system restart required notification bubble on libssl0.9.8
      upgrade.
    - Don't build for processors no longer supported: i486, i586
      (on i386), v8 (on sparc).
    - Create libssl0.9.8-udeb, for the benefit of wget-udeb (no
      wget-udeb package in Debian).
    - Replace duplicate files in the doc directory with symlinks.
    - Move runtime libraries to /lib, for the benefit of wpasupplicant.
    - Ship documentation in openssl-doc, suggested by the package.
      (Closes: #470594)
    - Use host compiler when cross-building. Patch from Neil Williams.
      (Closes: #465248).
    - Don't run 'make test' when cross-building.
    - debian/patches/aesni.patch: Backport Intel AES-NI support from
      http://rt.openssl.org/Ticket/Display.html?id=2067 (refreshed)
    - debian/patches/perlpath-quilt.patch: Don't change perl #! paths
      under .pc.
    - debian/patches/no-sslv2.patch: disable SSLv2 to match NSS
      and GnuTLS. The protocol is unsafe and extremely deprecated.
      (Closes: #589706)

openssl (0.9.8o-4) unstable; urgency=low

  * Fix CVE-2010-4180 (Closes: #529221)
 -- Artur Rona <email address hidden> Thu, 23 Dec 2010 20:20:03 +0100

Changed in openssl (Ubuntu Natty):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.