This bug was fixed in the package apache2 - 2.2.8-1ubuntu0.18
---
apache2 (2.2.8-1ubuntu0.18) hardy-security; urgency=low
* debian/patches/212_sslinsecurerenegotiation-directive.dpatch: once
openssl gets updated to fix CVE-2009-3555, server renegotiations with
unpatched
This bug was fixed in the package openssl - 0.9.8g-4ubuntu3.10
---
openssl (0.9.8g-4ubuntu3.10) hardy-security; urgency=low
* SECURITY UPDATE: TLS renegotiation flaw (LP: #616759)
- apps/{s_cb,s_client,s_server}.c, doc/ssl/SSL_CTX_set_options.pod,
This bug was fixed in the package apache2 - 2.2.11-2ubuntu2.7
---
apache2 (2.2.11-2ubuntu2.7) jaunty-security; urgency=low
* debian/patches/909_sslinsecurerenegotiation-directive.dpatch: once
openssl gets updated to fix CVE-2009-3555, server renegotiations with
unpatched
This bug was fixed in the package openssl - 0.9.8g-15ubuntu3.5
---
openssl (0.9.8g-15ubuntu3.5) jaunty-security; urgency=low
* SECURITY UPDATE: TLS renegotiation flaw (LP: #616759)
- apps/{s_cb,s_client,s_server}.c, doc/ssl/SSL_CTX_set_options.pod,
This bug was fixed in the package apache2 - 2.2.12-1ubuntu2.3
---
apache2 (2.2.12-1ubuntu2.3) karmic-security; urgency=low
* debian/patches/905_sslinsecurerenegotiation-directive.dpatch: once
openssl gets updated to fix CVE-2009-3555, server renegotiations with
unpatched
This bug was fixed in the package openssl - 0.9.8g-16ubuntu3.2
---
openssl (0.9.8g-16ubuntu3.2) karmic-security; urgency=low
* SECURITY UPDATE: TLS renegotiation flaw (LP: #616759)
- apps/{s_cb,s_client,s_server}.c, doc/ssl/SSL_CTX_set_options.pod,
This bug was fixed in the package apache2 - 2.2.14-5ubuntu8.2
---
apache2 (2.2.14-5ubuntu8.2) lucid-security; urgency=low
* debian/patches/211-sslinsecurerenegotiation-directive.dpatch: once
openssl gets updated to fix CVE-2009-3555, server renegotiations with
unpatched
This bug was fixed in the package openssl - 0.9.8k-7ubuntu8.1
---
openssl (0.9.8k-7ubuntu8.1) lucid-security; urgency=low
* SECURITY UPDATE: TLS renegotiation flaw (LP: #616759)
- debian/patches/CVE-2009-3555-RFC5746.patch: backport rfc5746 support
from openssl 0.9.8m.
** Changed in: apache2 (Ubuntu Dapper)
Status: In Progress = Fix Released
** Changed in: openssl (Ubuntu Dapper)
Status: In Progress = Fix Released
--
CVE-2009-3555 tracking bug
https://bugs.launchpad.net/bugs/616759
You received this bug notification because you are a member of
I can confirm that the firefox CVE-2009-3555 warnings go away once these
packages are installed on Lucid. Additionally, I tested that sasl and
dovecot still work as expected. Awesome. :)
--
CVE-2009-3555 tracking bug
https://bugs.launchpad.net/bugs/616759
You received this bug notification
** Branch linked: lp:ubuntu/dapper-proposed/openssl
** Branch linked: lp:ubuntu/karmic-proposed/openssl
** Branch linked: lp:ubuntu/jaunty-proposed/openssl
** Branch linked: lp:ubuntu/hardy-proposed/openssl
** Branch linked: lp:ubuntu/lucid-proposed/openssl
--
CVE-2009-3555 tracking bug
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-3555
--
CVE-2009-3555 tracking bug
https://bugs.launchpad.net/bugs/616759
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in ubuntu.
--
Ubuntu-server-bugs
12 matches
Mail list logo