This bug was fixed in the package openssl - 1.0.1-4ubuntu5.3 --------------- openssl (1.0.1-4ubuntu5.3) precise-security; urgency=low
* SECURITY UPDATE: SSL_OP_ALL incorrectly disables TLS 1.1 (LP: #1018998) - debian/patches/lp1018998.patch: change SSL_OP_NO_TLSv1_1 from 0x00000400L to 0x10000000L as in 1.0.1b to prevent applications compiled with SSL_OP_ALL from incorrectly disabling TLS 1.1. * debian/patches/lp1020621.patch: Make renegotiation work for TLS 1.2, 1.1 by not using a lower record version client hello workaround if renegotiating. (LP: #1020621) -- Marc Deslauriers <marc.deslauri...@ubuntu.com> Tue, 03 Jul 2012 11:36:01 -0400 ** Changed in: openssl (Ubuntu Precise) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1018998 Title: SSL_OP_ALL incorrectly disables TLS 1.1 To manage notifications about this bug go to: https://bugs.launchpad.net/openssl/+bug/1018998/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs