Praveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered that OpenSSL incorrectly handled memory when buffering DTLS data. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2014-8176)
Joseph Barr-Pixton discovered that OpenSSL incorrectly handled malformed ECParameters structures. A remote attacker could use this issue to cause OpenSSL to hang, resulting in a denial of service. (CVE-2015-1788)
Robert Swiecki and Hanno Böck discovered that OpenSSL incorrectly handled certain ASN1_TIME strings. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2015-1789)
Michal Zalewski discovered that OpenSSL incorrectly handled missing content when parsing ASN.1-encoded PKCS#7 blobs. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2015-1790)
Emilia Käsper discovered that OpenSSL incorrectly handled NewSessionTicket when being used by a multi-threaded client. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2015-1791)
Johannes Bauer discovered that OpenSSL incorrectly handled verifying signedData messages using the CMS code. A remote attacker could use this issue to cause OpenSSL to hang, resulting in a denial of service. (CVE-2015-1792)
As a security improvement, this update also modifies OpenSSL behaviour to reject DH key sizes below 768 bits, preventing a possible downgrade attack.
{ "availability": "No subscription required", "binaries": [ { "binary_version": "1.0.1f-1ubuntu2.15", "binary_name": "libcrypto1.0.0-udeb" }, { "binary_version": "1.0.1f-1ubuntu2.15", "binary_name": "libcrypto1.0.0-udeb-dbgsym" }, { "binary_version": "1.0.1f-1ubuntu2.15", "binary_name": "libssl-dev" }, { "binary_version": "1.0.1f-1ubuntu2.15", "binary_name": "libssl-dev-dbgsym" }, { "binary_version": "1.0.1f-1ubuntu2.15", "binary_name": "libssl-doc" }, { "binary_version": "1.0.1f-1ubuntu2.15", "binary_name": "libssl1.0.0" }, { "binary_version": "1.0.1f-1ubuntu2.15", "binary_name": "libssl1.0.0-dbg" }, { "binary_version": "1.0.1f-1ubuntu2.15", "binary_name": "libssl1.0.0-dbgsym" }, { "binary_version": "1.0.1f-1ubuntu2.15", "binary_name": "libssl1.0.0-udeb" }, { "binary_version": "1.0.1f-1ubuntu2.15", "binary_name": "libssl1.0.0-udeb-dbgsym" }, { "binary_version": "1.0.1f-1ubuntu2.15", "binary_name": "openssl" }, { "binary_version": "1.0.1f-1ubuntu2.15", "binary_name": "openssl-dbgsym" } ] }