-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I believe this email was intended for ubuntu-quality as well :)
Gema - -------- Original Message -------- Subject: Call for testing: OpenSSL, compression security fix Date: Mon, 10 Jun 2013 14:54:08 -0700 From: Seth Arnold <[email protected]> To: [email protected], [email protected], [email protected] Hi, I have pushed updated OpenSSL packages for Ubuntu 10.04 LTS, 12.04 LTS, 12.10, 13.04, and Saucy into the -proposed pocket. Saucy's OpenSSL has been accepted into -release. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. The packages fix the following security issues: http://en.wikipedia.org/wiki/CRIME_(security_exploit) The update disables compression before encryption for all applications, unless the OPENSSL_DEFAULT_ZLIB environment variable is defined in the program's environment at start. Please report any issues in the tracking bug: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1187195 If no issues are reported, I plan on releasing the packages as security updates in a couple of weeks. Thanks, -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iQEcBAEBAgAGBQJRtrVLAAoJEGrsYwHIaYlg3vcH/16yReLfYkQkbcQPqR58Id6B j7yB5Qi/Fm0CSzVLflssli9xLcxqcUCCcU7NOIeZafRCqpRxgSPKpIAJOcsaztPI sF7m3OT4iP1b3dsySof5Hkn97qWIfEvuEZLHjel1tNSgvuUnfeHhkZM6yPD9EXIQ XUK+9kc3MdJR3KrNyf4Vcu11K2rP63XIgMILR3uM1jqjX1KTpOxMxNr4SFRYHSWV dfe07udhWnsKsNd5XXIzOn4UBV5d63J5Uz5nlc+V8FUQRhIU7PgL0nD8RcqfbJej TAHu8reNo6NroqX2oWqHj7nwAroK+LokxQyO5K7kQ1kpG4BWSaVZgKPtYn+26JY= =FEgb -----END PGP SIGNATURE-----
-- ubuntu-devel mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
-- Ubuntu-quality mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-quality
