This bug was fixed in the package openssl1.0 - 1.0.2n-1ubuntu6.2
---------------
openssl1.0 (1.0.2n-1ubuntu6.2) cosmic-security; urgency=medium
* SECURITY UPDATE: 0-byte record padding oracle
- debian/patches/CVE-2019-1559.patch: go into the error state if a
fatal alert is sent or received in ssl/d1_pkt.c, ssl/s3_pkt.c.
- CVE-2019-1559
* debian/patches/s390x-fix-aes-gcm-tls.patch: fix typo in backported
s390x hw acceleration patch. (LP: #1775018)
-- Marc Deslauriers <[email protected]> Tue, 26 Feb 2019
14:45:07 -0500
** Changed in: openssl1.0 (Ubuntu Cosmic)
Status: Confirmed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-1559
** Changed in: openssl1.0 (Ubuntu Bionic)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1775018
Title:
Fix for openssl 1.0.2 backport
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1775018/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
