[MIR] libesmtp
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libesmtp (Debian) |
Fix Released
|
Unknown
|
|||
libesmtp (Ubuntu) |
Fix Released
|
Wishlist
|
Unassigned |
Bug Description
1. Availability: amd64, armel, i386, ia64, powerpc, sparc
2. Rationale: The package helps meet https:/
3. Security: No CVEs.
Recent fix of "not check NULL bytes in commonNames of certificates" was issued in debian and already syncing into Ubuntu.
4. QA: 1 openssl/gnutls related bug in Debian, no bugs in Ubuntu. Upstream's last release was in 2005. URL: http://
5. UI standards: none
6. Dependencies: all in main
7. Standards: no lintian warnings. Package is packaged with debhelper and uses custom developed patch system.
8. Maintenance: simple package, syncs should be enough (there were no Ubuntu changes in package history)
9. Background information: this package is one of dependencies for new cluster stack in Ubuntu.
CVE References
summary: |
- [MIR] libesmtp + libesmtp does not check NULL bytes in commonNames of certificates |
summary: |
libesmtp does not check NULL bytes in commonNames of certificates + (variant of CVE-2009-2408) |
Changed in libesmtp (Debian): | |
status: | Unknown → New |
summary: |
- libesmtp does not check NULL bytes in commonNames of certificates - (variant of CVE-2009-2408) + MIR fallout: libesmtp does not check NULL bytes in commonNames of + certificates (variant of CVE-2009-2408) |
Changed in libesmtp (Debian): | |
status: | New → Confirmed |
Changed in libesmtp (Debian): | |
status: | Confirmed → Fix Released |
summary: |
- MIR fallout: libesmtp does not check NULL bytes in commonNames of - certificates (variant of CVE-2009-2408) + [MIR] libesmtp |
description: | updated |
Changed in libesmtp (Ubuntu): | |
status: | Incomplete → New |
importance: | Undecided → Wishlist |
approved