openssl (0.9.8k-7ubuntu8.14) lucid-security; urgency=low
* SECURITY UPDATE: denial of service via invalid OCSP key
- debian/patches/CVE-2013-0166.patch: properly handle NULL key in
crypto/asn1/a_verify.c, crypto/ocsp/ocsp_vfy.c.
- CVE-2013-0166
* SECURITY UPDATE: "Lucky Thirteen" timing side-channel TLS attack
- debian/patches/CVE-2013-0169.patch: massive code changes
- CVE-2013-0169
Date: 2013-02-18 21:30:19.333947+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
Signed-By: Ubuntu Archive Robot
<cjwatson+ubuntu-archive-ro...@chiark.greenend.org.uk>
https://launchpad.net/ubuntu/lucid/+source/openssl/0.9.8k-7ubuntu8.14
Sorry, changesfile not available.
--
Lucid-changes mailing list
Lucid-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/lucid-changes