This bug was fixed in the package openssl - 1.0.1f-1ubuntu2.20

openssl (1.0.1f-1ubuntu2.20) trusty-security; urgency=medium

  * SECURITY UPDATE: Constant time flag not preserved in DSA signing
    - debian/patches/CVE-2016-2178-*.patch: preserve BN_FLG_CONSTTIME in
    - CVE-2016-2178
  * SECURITY UPDATE: DTLS buffered message DoS
    - debian/patches/CVE-2016-2179.patch: fix queue handling in
      ssl/d1_both.c, ssl/d1_clnt.c, ssl/d1_lib.c, ssl/d1_srvr.c,
    - CVE-2016-2179
  * SECURITY UPDATE: OOB read in TS_OBJ_print_bio()
    - debian/patches/CVE-2016-2180.patch: fix text handling in
    - CVE-2016-2180
  * SECURITY UPDATE: DTLS replay protection DoS
    - debian/patches/CVE-2016-2181-1.patch: properly handle unprocessed
      records in ssl/d1_pkt.c.
    - debian/patches/CVE-2016-2181-2.patch: protect against replay attacks
      in ssl/d1_pkt.c, ssl/ssl.h, ssl/ssl_err.c.
    - debian/patches/CVE-2016-2181-3.patch: update error code in ssl/ssl.h.
    - CVE-2016-2181
  * SECURITY UPDATE: OOB write in BN_bn2dec()
    - debian/patches/CVE-2016-2182.patch: don't overflow buffer in
    - CVE-2016-2182
    - debian/patches/CVE-2016-2183.patch: move DES ciphersuites from HIGH
      to MEDIUM in ssl/s3_lib.c.
    - CVE-2016-2183
  * SECURITY UPDATE: Malformed SHA512 ticket DoS
    - debian/patches/CVE-2016-6302.patch: sanity check ticket length in
    - CVE-2016-6302
  * SECURITY UPDATE: OOB write in MDC2_Update()
    - debian/patches/CVE-2016-6303.patch: avoid overflow in
    - CVE-2016-6303
  * SECURITY UPDATE: OCSP Status Request extension unbounded memory growth
    - debian/patches/CVE-2016-6304.patch: remove OCSP_RESPIDs from previous
      handshake in ssl/t1_lib.c.
    - CVE-2016-6304
  * SECURITY UPDATE: Certificate message OOB reads
    - debian/patches/CVE-2016-6306-1.patch: check lengths in ssl/s3_clnt.c,
    - debian/patches/CVE-2016-6306-2.patch: make message buffer slightly
      larger in ssl/d1_both.c, ssl/s3_both.c.
    - CVE-2016-6306
  * SECURITY REGRESSION: DTLS regression (LP: #1622500)
    - debian/patches/CVE-2014-3571-3.patch: make DTLS always act as if
      read_ahead is set in ssl/s3_pkt.c.
  * debian/patches/update-expired-smime-test-certs.patch: Update test
    certificates that have expired and caused build test failures.

 -- Marc Deslauriers <>  Thu, 22 Sep 2016
13:38:15 -0400

You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.

  Backported bugfix for CVE-2014-3571 causes regressions for DTLS in
  Ubuntu 14.04

Status in openssl package in Ubuntu:
Status in openssl source package in Precise:
  Fix Released
Status in openssl source package in Trusty:
  Fix Released

Bug description:
  In OpenSSL 1.0.1f on Ubuntu 14.04, there's a regression in using DTLS,
  caused by a backported bugfix for CVE-2014-3571.

  This particular bugfix (debian/patches/CVE-2014-3571-1.patch,
  corresponding to;a=commitdiff;h=8d7aab986b499f34d9e1bc58fbfd77f05c38116e,
  originally included upstream in OpenSSL 1.0.1k) caused a regression in
  using DTLS - see

  This regression was fixed in OpenSSL 1.0.1m via this commit:;a=commitdiff;h=1895583

  This left OpenSSL 1.0.1k and 1.0.1l with the regression, plus Ubuntu
  14.04 which backported the first fix but not the later one.

  In Debian, their patches for 1.0.1e contain both fixes:

  Please backport the second fix to the version of 1.0.1f that you
  maintain for 14.04 LTS.

To manage notifications about this bug go to:

Mailing list:
Post to     :
Unsubscribe :
More help   :

Reply via email to