[Bug 1775018] Re: Fix for openssl 1.0.2 backport

Launchpad Bug Tracker 1775018 at bugs.launchpad.net
Wed Feb 27 17:18:11 UTC 2019 

This bug was fixed in the package openssl1.0 - 1.0.2n-1ubuntu5.3

---------------
openssl1.0 (1.0.2n-1ubuntu5.3) bionic-security; urgency=medium

  * SECURITY UPDATE: 0-byte record padding oracle
    - debian/patches/CVE-2019-1559.patch: go into the error state if a
      fatal alert is sent or received in ssl/d1_pkt.c, ssl/s3_pkt.c.
    - CVE-2019-1559
  * debian/patches/s390x-fix-aes-gcm-tls.patch: fix typo in backported
    s390x hw acceleration patch. (LP: #1775018)

 -- Marc Deslauriers <marc.deslauriers at ubuntu.com>  Tue, 26 Feb 2019
14:46:16 -0500

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1775018

Title:
  Fix for openssl 1.0.2 backport

Status in Ubuntu on IBM z Systems:
  Confirmed
Status in openssl package in Ubuntu:
  Fix Released
Status in openssl1.0 package in Ubuntu:
  Won't Fix
Status in openssl source package in Xenial:
  Invalid
Status in openssl1.0 source package in Xenial:
  Invalid
Status in openssl source package in Bionic:
  Fix Released
Status in openssl1.0 source package in Bionic:
  Fix Released
Status in openssl source package in Cosmic:
  Fix Released
Status in openssl1.0 source package in Cosmic:
  Fix Released
Status in openssl source package in Disco:
  Fix Released
Status in openssl1.0 source package in Disco:
  Won't Fix

Bug description:
  [Impact]

   * Fix hw accelerated performance impact on s390x with non-default
  openssl1.0.

  [Test Case]

   * Test that performance of hw accelerated crypto is improved / i.e.
  ssl speed test

   * Test that openssh still works, just in case.

  [Regression Potential]

   * This only changes accelerated codepath on s390x, for specific algos when CPACF is enabled on the system cpu, which is usually on.
   * Same fix is already in use by 1.1.0 default openssl package, and well excercised on bionic and up.

  [Other Info]
   
   * original bug report.

  
  This is a fix for this feature's backport to openssl 1.0.2 ( 1.1.0 and upstream code are not affected ).

  Original LP ticket :
  https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1743750

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1775018/+subscriptions

More information about the foundations-bugs mailing list