USN-2883-1: OpenSSL vulnerability
Ubuntu Security Notice USN-2883-1 28th January, 2016 openssl vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Summary OpenSSL could be made to expose sensitive information over the network. Software description openssl – Secure Socket Layer (SSL) cryptographic library and tools Details Antonio Sanso discovered that OpenSSL reused the same private DH exponentfor the life of a server process when configured with a X9.42 styleparameter file. This could allow a remote attacker to possibly discover theserver's private DH exponent when being used with non-safe primes. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 15.10: libssl1.0.0 1.0.2d-0ubuntu1.3 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system update you need to reboot your computer to makeall the necessary changes. References CVE-2016-0701 Source: ubuntu-usn
