USN-2606-1: OpenSSL update

Publication date

12 May 2015

Overview

OpenSSL TLSv1.2 client support has been enabled in Ubuntu 12.04 LTS.

Releases


Packages

  • openssl - Secure Socket Layer (SSL) cryptographic library and tools

Details

For compatibility reasons, Ubuntu 12.04 LTS shipped OpenSSL with TLSv1.2
disabled when being used as a client.

This update re-enables TLSv1.2 by default now that the majority of
problematic sites have been updated to fix compatibility issues.

For problematic environments, TLSv1.2 can be disabled again by setting the
OPENSSL_NO_CLIENT_TLS1_2 environment variable before library
initialization.

For compatibility reasons, Ubuntu 12.04 LTS shipped OpenSSL with TLSv1.2
disabled when being used as a client.

This update re-enables TLSv1.2 by default now that the majority of
problematic sites have been updated to fix compatibility issues.

For problematic environments, TLSv1.2 can be disabled again by setting the
OPENSSL_NO_CLIENT_TLS1_2 environment variable before library
initialization.

Update instructions

After a standard system update you need to reboot your computer to make all the necessary changes.

Learn more about how to get the fixes.

The problem can be corrected by updating your system to the following package versions:

Ubuntu Release Package Version
12.04 precise libssl1.0.0 –  1.0.1-4ubuntu5.27

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.


Have additional questions?

Talk to a member of the team ›