landing-team-changes team mailing list archive

Thread
Date
[stable-overlay] openssl (1.0.1f-1ubuntu11.7)

To: landing-team-changes@xxxxxxxxxxxxxxxxxxx
From: ubuntu.landing.team@xxxxxxxxx
Date: Mon, 27 Feb 2017 13:00:07 -0800 (PST)
Uploaded to the Stable Phone Overlay PPA (~ci-train-ppa-service/ubuntu/stable-phone-overlay vivid) archive

---------------
Format: 1.8
Date: Mon, 27 Feb 2017 12:58:39 -0600
Source: openssl
Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg
Architecture: source
Version: 1.0.1f-1ubuntu11.7
Distribution: vivid-security
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@xxxxxxxxxxxxxxxx>
Changed-By: Emily Ratliff <emily.ratliff@xxxxxxxxxxxxx>
Description:
 libcrypto1.0.0-udeb - Secure Sockets Layer toolkit - libcrypto udeb (udeb)
 libssl-dev - Secure Sockets Layer toolkit - development files
 libssl-doc - Secure Sockets Layer toolkit - development documentation
 libssl1.0.0 - Secure Sockets Layer toolkit - shared libraries
 libssl1.0.0-dbg - Secure Sockets Layer toolkit - debug information
 libssl1.0.0-udeb - ssl shared library - udeb (udeb)
 openssl    - Secure Sockets Layer toolkit - cryptographic utility
Launchpad-Bugs-Fixed: 1622500
Changes:
 openssl (1.0.1f-1ubuntu11.7) vivid-security; urgency=medium
 .
   [ Marc Deslauriers ]
   * SECURITY UPDATE: Pointer arithmetic undefined behaviour
     - debian/patches/CVE-2016-2177-pre.patch: check for ClientHello message
       overruns in ssl/s3_srvr.c.
     - debian/patches/CVE-2016-2177-pre2.patch: validate ClientHello
       extension field length in ssl/t1_lib.c.
     - debian/patches/CVE-2016-2177-pre3.patch: pass in a limit rather than
       calculate it in ssl/s3_srvr.c, ssl/ssl_locl.h, ssl/t1_lib.c.
     - debian/patches/CVE-2016-2177.patch: avoid undefined pointer
       arithmetic in ssl/s3_srvr.c, ssl/t1_lib.c,
     - CVE-2016-2177
   * SECURITY UPDATE: ECDSA P-256 timing attack key recovery
     - debian/patches/CVE-2016-7056.patch: use BN_mod_exp_mont_consttime in
       crypto/ec/ec.h, crypto/ec/ec_lcl.h, crypto/ec/ec_lib.c,
       crypto/ecdsa/ecs_ossl.c.
     - CVE-2016-7056
   * SECURITY UPDATE: DoS via warning alerts
     - debian/patches/CVE-2016-8610.patch: don't allow too many consecutive
       warning alerts in ssl/d1_pkt.c, ssl/s3_pkt.c, ssl/ssl.h,
       ssl/ssl_locl.h.
     - debian/patches/CVE-2016-8610-2.patch: fail if an unrecognised record
       type is received in ssl/s3_pkt.c.
     - CVE-2016-8610
   * SECURITY UPDATE: Truncated packet could crash via OOB read
     - debian/patches/CVE-2017-3731-pre.patch: sanity check
       EVP_CTRL_AEAD_TLS_AAD in crypto/evp/e_aes.c,
       crypto/evp/e_aes_cbc_hmac_sha1.c, crypto/evp/e_rc4_hmac_md5.c,
       crypto/evp/evp.h, ssl/t1_enc.c.
     - debian/patches/CVE-2017-3731.patch: harden RC4_MD5 cipher in
       crypto/evp/e_rc4_hmac_md5.c.
     - CVE-2017-3731
   * SECURITY UPDATE: Constant time flag not preserved in DSA signing
     - debian/patches/CVE-2016-2178-*.patch: preserve BN_FLG_CONSTTIME in
       crypto/dsa/dsa_ossl.c.
     - CVE-2016-2178
   * SECURITY UPDATE: DTLS buffered message DoS
     - debian/patches/CVE-2016-2179.patch: fix queue handling in
       ssl/d1_both.c, ssl/d1_clnt.c, ssl/d1_lib.c, ssl/d1_srvr.c,
       ssl/ssl_locl.h.
     - CVE-2016-2179
   * SECURITY UPDATE: OOB read in TS_OBJ_print_bio()
     - debian/patches/CVE-2016-2180.patch: fix text handling in
       crypto/ts/ts_lib.c.
     - CVE-2016-2180
   * SECURITY UPDATE: DTLS replay protection DoS
     - debian/patches/CVE-2016-2181-1.patch: properly handle unprocessed
       records in ssl/d1_pkt.c.
     - debian/patches/CVE-2016-2181-2.patch: protect against replay attacks
       in ssl/d1_pkt.c, ssl/ssl.h, ssl/ssl_err.c.
     - debian/patches/CVE-2016-2181-3.patch: update error code in ssl/ssl.h.
     - CVE-2016-2181
   * SECURITY UPDATE: OOB write in BN_bn2dec()
     - debian/patches/CVE-2016-2182.patch: don't overflow buffer in
       crypto/bn/bn_print.c.
     - debian/patches/CVE-2016-2182-2.patch: fix off-by-one in overflow
       check in crypto/bn/bn_print.c.
     - CVE-2016-2182
   * SECURITY UPDATE: SWEET32 Mitigation
     - debian/patches/CVE-2016-2183.patch: move DES ciphersuites from HIGH
       to MEDIUM in ssl/s3_lib.c.
     - CVE-2016-2183
   * SECURITY UPDATE: Malformed SHA512 ticket DoS
     - debian/patches/CVE-2016-6302.patch: sanity check ticket length in
       ssl/t1_lib.c.
     - CVE-2016-6302
   * SECURITY UPDATE: OOB write in MDC2_Update()
     - debian/patches/CVE-2016-6303.patch: avoid overflow in
       crypto/mdc2/mdc2dgst.c.
     - CVE-2016-6303
   * SECURITY UPDATE: OCSP Status Request extension unbounded memory growth
     - debian/patches/CVE-2016-6304.patch: remove OCSP_RESPIDs from previous
       handshake in ssl/t1_lib.c.
     - CVE-2016-6304
   * SECURITY UPDATE: Certificate message OOB reads
     - debian/patches/CVE-2016-6306-1.patch: check lengths in ssl/s3_clnt.c,
       ssl/s3_srvr.c.
     - debian/patches/CVE-2016-6306-2.patch: make message buffer slightly
       larger in ssl/d1_both.c, ssl/s3_both.c.
     - CVE-2016-6306
   * SECURITY REGRESSION: DTLS regression (LP: #1622500)
     - debian/patches/CVE-2014-3571-3.patch: make DTLS always act as if
       read_ahead is set in ssl/s3_pkt.c.
Checksums-Sha1:
 7a6767972cda576c46cec7f15b810389fcefd6ad 2427 openssl_1.0.1f-1ubuntu11.7.dsc
 c30f4c38e43c6d615c105db7546f43af216d00fc 239832 openssl_1.0.1f-1ubuntu11.7.debian.tar.xz
Checksums-Sha256:
 0a9b3d1f6f40f1d59116b55cf2621ccf53f9f7a249bb38f2131e648f1b4a951a 2427 openssl_1.0.1f-1ubuntu11.7.dsc
 4e32732e903aaf0fc7b626198be6209e2fc02b5431d293a92f85a4b5bb211983 239832 openssl_1.0.1f-1ubuntu11.7.debian.tar.xz
Files:
 e5f4812978a1df067ffd08715a51c2d4 2427 utils optional openssl_1.0.1f-1ubuntu11.7.dsc
 aa66240e6a883993c8cfafdb77aca799 239832 utils optional openssl_1.0.1f-1ubuntu11.7.debian.tar.xz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel@xxxxxxxxxxxxxxxxxxxxxxx>