Please merge openssl_0.9.8g-15(main) from debian unstable
Bug #314984 reported by
Bhavani Shankar
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| openssl (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bug Description
Binary package hint: openssl
Debian has a new version to be merged.
openssl (0.9.8g-15) unstable; urgency=low
* Internal calls to didn't properly check for errors which
resulted in malformed DSA and ECDSA signatures being treated as
a good signature rather than as an error. (CVE-2008-5077)
* ipv6_from_asc() could write 1 byte longer than the buffer in case
the ipv6 address didn't have "::" part. (Closes: #506111)
-- Kurt Roeckx <email address hidden> Mon, 05 Jan 2009 21:14:31 +0100
Related branches
CVE References
Revision history for this message
| Bhavani Shankar (bhavi) wrote | #1 |
| Changed in openssl: | |
| status: | New → Confirmed |
Revision history for this message
| Launchpad Janitor (janitor) wrote | #2 |
| Changed in openssl: | |
| status: | Confirmed → Fix Released |
To post a comment you must log in.
This bug was fixed in the package openssl - 0.9.8g-15ubuntu1
---------------
openssl (0.9.8g-15ubuntu1) jaunty; urgency=low
* Merge from debian unstable, remaining changes: LP: #314984
- Link using -Bsymbolic-
- Add support for lpia
- Disable SSLv2 during compile
- Ship documentation in openssl-doc, suggested by the package.
- Use a different priority for libssl0.
depending on whether a desktop, or server dist-upgrade is being
performed.
- Display a system restart required notification bubble on libssl0.9.8
upgrade.
- Replace duplicate files in the doc directory with symlinks.
openssl (0.9.8g-15) unstable; urgency=low
* Internal calls to didn't properly check for errors which
resulted in malformed DSA and ECDSA signatures being treated as
a good signature rather than as an error. (CVE-2008-5077)
* ipv6_from_asc() could write 1 byte longer than the buffer in case
the ipv6 address didn't have "::" part. (Closes: #506111)
-- Bhavani Shankar <email address hidden> Thu, 08 Jan 2009 12:38:06 +0530