openssl097 0.9.7i-1 source package in Ubuntu
Changelog
openssl097 (0.9.7i-1) unstable; urgency=high

  * New upstream release
  * Remove the functionality of SSL_OP_MSIE_SSLV2_RSA_PADDING
    (part of SSL_OP_ALL). This option used to disable the
    countermeasure against man-in-the-middle protocol-version
    rollback in the SSL 2.0 server implementation, which is a bad
    idea. (CAN-2005-2969)
  * For DSA signing, unless DSA_FLAG_NO_EXP_CONSTTIME is set, perform
    the exponentiation using a fixed-length exponent. (Otherwise,
    the information leaked through timing could expose the secret key
    after many signatures; cf. Bleichenbacher's attack on DSA with
    biased k.)
  * Make a new fixed-window mod_exp implementation the default for
    RSA, DSA, and DH private-key operations so that the sequence of
    squares and multiplies and the memory access pattern are
    independent of the particular secret key. This will mitigate
    cache-timing and potential related attacks.
  * Change the client implementation for SSLv23_method() and
    SSLv23_client_method() so that it uses the SSL 3.0/TLS 1.0
    Client Hello message format if the SSL_OP_NO_SSLv2 option is set.
    (Previously, the SSL 2.0 backwards compatible Client Hello
    message format would be used even with SSL_OP_NO_SSLv2.)

 -- Barry deFreese <email address hidden>  Tue, 08 Aug 2006 08:20:45 +0100
Upload details
- Uploaded by: Barry deFreese
- Uploaded to: Edgy
- Original maintainer: Debian OpenSSL Team
- Architectures: any
- Section: utils
- Urgency: Very Urgent
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
openssl097_0.9.7i.orig.tar.gz | 3.1 MiB | 2fdd9235fc08c4353875d0981741947f2fa9f8835f04d97c30461cc14a986dd0 |
openssl097_0.9.7i-1.diff.gz | 36.5 KiB | 35ff1e417fd0aeed8baf3d7559afab70db6922c2765c27dc1faac451c118f975 |
openssl097_0.9.7i-1.dsc | 1.0 KiB | 0cddd6a899d733e331ad49251ae7e0824694142fac0ed0129b1d801885830cdc |
Binary packages built by this source
- libssl0.9.7: No summary available for libssl0.9.7 in ubuntu edgy.
- libssl0.9.7-dbg: No summary available for libssl0.9.7-dbg in ubuntu edgy.