group.of.nepali.translators team mailing list archive

Thread
Date

[Bug 1775018] Re: Fix for openssl 1.0.2 backport

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1775018@xxxxxxxxxxxxxxxxxx>
Date: Wed, 27 Feb 2019 17:18:05 -0000
Reply-to: Bug 1775018 <1775018@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug was fixed in the package openssl1.0 - 1.0.2n-1ubuntu6.2

---------------
openssl1.0 (1.0.2n-1ubuntu6.2) cosmic-security; urgency=medium

  * SECURITY UPDATE: 0-byte record padding oracle
    - debian/patches/CVE-2019-1559.patch: go into the error state if a
      fatal alert is sent or received in ssl/d1_pkt.c, ssl/s3_pkt.c.
    - CVE-2019-1559
  * debian/patches/s390x-fix-aes-gcm-tls.patch: fix typo in backported
    s390x hw acceleration patch. (LP: #1775018)

 -- Marc Deslauriers <marc.deslauriers@xxxxxxxxxx>  Tue, 26 Feb 2019
14:45:07 -0500

** Changed in: openssl1.0 (Ubuntu Cosmic)
       Status: Confirmed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-1559

** Changed in: openssl1.0 (Ubuntu Bionic)
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1775018

Title:
  Fix for openssl 1.0.2 backport

Status in Ubuntu on IBM z Systems:
  Confirmed
Status in openssl package in Ubuntu:
  Fix Released
Status in openssl1.0 package in Ubuntu:
  Won't Fix
Status in openssl source package in Xenial:
  Invalid
Status in openssl1.0 source package in Xenial:
  Invalid
Status in openssl source package in Bionic:
  Fix Released
Status in openssl1.0 source package in Bionic:
  Fix Released
Status in openssl source package in Cosmic:
  Fix Released
Status in openssl1.0 source package in Cosmic:
  Fix Released
Status in openssl source package in Disco:
  Fix Released
Status in openssl1.0 source package in Disco:
  Won't Fix

Bug description:
  [Impact]

   * Fix hw accelerated performance impact on s390x with non-default
  openssl1.0.

  [Test Case]

   * Test that performance of hw accelerated crypto is improved / i.e.
  ssl speed test

   * Test that openssh still works, just in case.

  [Regression Potential]

   * This only changes accelerated codepath on s390x, for specific algos when CPACF is enabled on the system cpu, which is usually on.
   * Same fix is already in use by 1.1.0 default openssl package, and well excercised on bionic and up.

  [Other Info]
   
   * original bug report.

  
  This is a fix for this feature's backport to openssl 1.0.2 ( 1.1.0 and upstream code are not affected ).

  Original LP ticket :
  https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1743750

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1775018/+subscriptions