[ubuntu/oneiric-security] openssl 1.0.0e-2ubuntu4.7 (Accepted)

Marc Deslauriers Thu, 21 Feb 2013 05:32:24 -0800

openssl (1.0.0e-2ubuntu4.7) oneiric-security; urgency=low

  * SECURITY UPDATE: denial of service via invalid OCSP key
    - debian/patches/CVE-2013-0166.patch: properly handle NULL key in
      crypto/asn1/a_verify.c, crypto/ocsp/ocsp_vfy.c.
    - CVE-2013-0166
  * SECURITY UPDATE: "Lucky Thirteen" timing side-channel TLS attack
    - debian/patches/CVE-2013-0169.patch: massive code changes
    - CVE-2013-0169


Date: 2013-02-18 21:30:11.559000+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/oneiric/+source/openssl/1.0.0e-2ubuntu4.7

Sorry, changesfile not available.

-- 
Oneiric-changes mailing list
Oneiric-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/oneiric-changes

[ubuntu/oneiric-security] openssl 1.0.0e-2ubuntu4.7 (Accepted)

Reply via email to