This bug was fixed in the package openssl - 1.0.1f-1ubuntu2.3
---------------
openssl (1.0.1f-1ubuntu2.3) trusty-security; urgency=medium
* SECURITY UPDATE: regression with tls_session_secret_cb (LP: #1329297)
- debian/patches/CVE-2014-0224.patch: set the CCS_OK flag when using
tls_session_secret_cb for session resumption in ssl/s3_clnt.c.
-- Marc Deslauriers <[email protected]> Thu, 12 Jun 2014 08:29:16
-0400
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1329297
Title:
openssl CVE-2014-0224 fix broke tls_session_secret_cb and EAP-FAST
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1329297/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
