[Bug 922229] Re: OpenSSL DTLS Vulnerability
Steve Beattie
sbeattie at ubuntu.com
Fri Mar 30 23:08:16 UTC 2012
** Visibility changed to: Public
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/922229
Title:
OpenSSL DTLS Vulnerability
Status in “openssl” package in Ubuntu:
Fix Released
Bug description:
The following URL is for a DTLS vulnerability in OpenSSL 0.9.8s and
earlier which appears to be unpatched in Ubuntu. This vulnerability
permits a man-in-the-middle attack on UDP-based TLS implementations,
such as OpenVPN and leads to disclosure of encrypted material:
http://security-tracker.debian.org/tracker/CVE-2012-0050
I apologize for the Debian link, I was not sure what else to provide.
ProblemType: Bug
DistroRelease: Ubuntu 10.04
Package: openssl 0.9.8k-7ubuntu8.6
ProcVersionSignature: Ubuntu 2.6.32-38.83-server 2.6.32.52+drm33.21
Uname: Linux 2.6.32-38-server x86_64
NonfreeKernelModules: nvidia
Architecture: amd64
Date: Thu Jan 26 12:52:22 2012
InstallationMedia: Ubuntu 10.04.3 LTS "Lucid Lynx" - Release amd64 (20110719.2)
ProcEnviron:
PATH=(custom, no user)
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: openssl
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/922229/+subscriptions
More information about the foundations-bugs
mailing list