openssl 1.0.1-4ubuntu5.36 source package in Ubuntu
Changelog
openssl (1.0.1-4ubuntu5.36) precise-security; urgency=medium
* SECURITY UPDATE: EVP_EncodeUpdate overflow
- debian/patches/CVE-2016-2105.patch: properly check lengths in
crypto/evp/encode.c, add documentation to
doc/crypto/EVP_EncodeInit.pod, doc/crypto/evp.pod.
- CVE-2016-2105
* SECURITY UPDATE: EVP_EncryptUpdate overflow
- debian/patches/CVE-2016-2106.patch: fix overflow in
crypto/evp/evp_enc.c.
- CVE-2016-2106
* SECURITY UPDATE: Padding oracle in AES-NI CBC MAC check
- debian/patches/CVE-2016-2107.patch: check that there are enough
padding characters in crypto/evp/e_aes_cbc_hmac_sha1.c.
- CVE-2016-2107
* SECURITY UPDATE: Memory corruption in the ASN.1 encoder
- debian/patches/CVE-2016-2108-1.patch: don't mishandle zero if it is
marked as negative in crypto/asn1/a_int.c.
- debian/patches/CVE-2016-2108-2.patch: fix ASN1_INTEGER handling in
crypto/asn1/a_type.c, crypto/asn1/asn1.h, crypto/asn1/tasn_dec.c,
crypto/asn1/tasn_enc.c.
- CVE-2016-2108
* SECURITY UPDATE: ASN.1 BIO excessive memory allocation
- debian/patches/CVE-2016-2109.patch: properly handle large amounts of
data in crypto/asn1/a_d2i_fp.c.
- CVE-2016-2109
* debian/patches/min_1024_dh_size.patch: change minimum DH size from 768
to 1024.
-- Marc Deslauriers <email address hidden> Thu, 28 Apr 2016 11:45:24 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Precise
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- utils
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| openssl_1.0.1.orig.tar.gz | 4.2 MiB | 4d9f0a594a9a89b28e1a04a9504c04104f6508ee27ad1e0efdd17a7a6dbbeeee |
| openssl_1.0.1-4ubuntu5.36.debian.tar.gz | 244.2 KiB | 18d527232fd0382924ef42e338f25ebbcfecef91f80e10e98291b8ffbbf2c2b5 |
| openssl_1.0.1-4ubuntu5.36.dsc | 2.3 KiB | 8279a8e7475b325d3db2daf5f1c882cfec562ffa91df47a965cdd5554ffd452b |
Available diffs
Binary packages built by this source
- libcrypto1.0.0-udeb: crypto shared library - udeb
libcrypto shared library.
.
Do not install it on a normal system.
- libcrypto1.0.0-udeb-dbgsym: debug symbols for package libcrypto1.0.0-udeb
libcrypto shared library.
.
Do not install it on a normal system.
- libssl-dev: SSL development libraries, header files and documentation
libssl and libcrypto development libraries, header files and manpages.
.
It is part of the OpenSSL implementation of SSL.
- libssl-doc: SSL development documentation documentation
libssl and libcrypto manpages and demo files.
.
It is part of the OpenSSL implementation of SSL.
- libssl1.0.0: SSL shared libraries
libssl and libcrypto shared libraries needed by programs like
apache-ssl, telnet-ssl and openssh.
.
It is part of the OpenSSL implementation of SSL.
- libssl1.0.0-dbg: Symbol tables for libssl and libcrypto
This package is part of the OpenSSL implementation of SSL.
- libssl1.0.0-dbgsym: debug symbols for package libssl1.0.0
libssl and libcrypto shared libraries needed by programs like
apache-ssl, telnet-ssl and openssh.
.
It is part of the OpenSSL implementation of SSL.
- libssl1.0.0-udeb: ssl shared library - udeb
libssl shared library.
.
Do not install it on a normal system.
- libssl1.0.0-udeb-dbgsym: debug symbols for package libssl1.0.0-udeb
libssl shared library.
.
Do not install it on a normal system.
- openssl: Secure Socket Layer (SSL) binary and related cryptographic tools
This package contains the openssl binary and related tools.
.
It is part of the OpenSSL implementation of SSL.
.
You need it to perform certain cryptographic actions like:
- Creation of RSA, DH and DSA key parameters;
- Creation of X.509 certificates, CSRs and CRLs;
- Calculation of message digests;
- Encryption and decryption with ciphers;
- SSL/TLS client and server tests;
- Handling of S/MIME signed or encrypted mail.
- openssl-dbgsym: debug symbols for package openssl
This package contains the openssl binary and related tools.
.
It is part of the OpenSSL implementation of SSL.
.
You need it to perform certain cryptographic actions like:
- Creation of RSA, DH and DSA key parameters;
- Creation of X.509 certificates, CSRs and CRLs;
- Calculation of message digests;
- Encryption and decryption with ciphers;
- SSL/TLS client and server tests;
- Handling of S/MIME signed or encrypted mail.
