Hi, I have pushed updated OpenSSL packages for Ubuntu 10.04 LTS, 12.04 LTS, 12.10, 13.04, and Saucy into the -proposed pocket. Saucy's OpenSSL has been accepted into -release.
See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. The packages fix the following security issues: http://en.wikipedia.org/wiki/CRIME_(security_exploit) The update disables compression before encryption for all applications, unless the OPENSSL_DEFAULT_ZLIB environment variable is defined in the program's environment at start. Please report any issues in the tracking bug: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1187195 If no issues are reported, I plan on releasing the packages as security updates in a couple of weeks. Thanks,
signature.asc
Description: Digital signature
-- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel