This bug was fixed in the package openssl - 0.9.8g-4ubuntu3.10
---------------
openssl (0.9.8g-4ubuntu3.10) hardy-security; urgency=low
* SECURITY UPDATE: TLS renegotiation flaw (LP: #616759)
- apps/{s_cb,s_client,s_server}.c, doc/ssl/SSL_CTX_set_options.pod,
ssl/{d1_both,d1_clnt,d1_srvr,s3_both,s3_clnt,s3_pkt,s3_srvr,ssl_err,
ssl_lib,t1_lib,t1_reneg}.c, ssl/Makefile, ssl/{ssl3,ssl,ssl_locl,
tls1}.h: backport rfc5746 support from openssl 0.9.8m.
- CVE-2009-3555
* Enable tlsext, and backport some patches from jaunty now that tlsext is
enabled.
- Fix a problem with tlsext preventing firefox 3 from connection.
- Don't add extentions to ssl v3 connections. It breaks with some
other software.
-- Marc Deslauriers <marc.deslauri...@ubuntu.com> Thu, 12 Aug 2010 08:35:55
-0400
** Changed in: apache2 (Ubuntu Jaunty)
Status: In Progress => Fix Released
--
CVE-2009-3555 tracking bug
https://bugs.launchpad.net/bugs/616759
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in ubuntu.
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
