[Bug 1304042] Re: CVE-2014-0160
Kevin Landreth
crackerjackmack at gmail.com
Mon Apr 7 21:47:43 UTC 2014
Linked as upstream instead of Distribution, fixed.
** Bug watch added: Debian Bug tracker #743883
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=743883
** Also affects: openssl via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=743883
Importance: Unknown
Status: Unknown
** Also affects: openssl (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=743883
Importance: Unknown
Status: Unknown
** No longer affects: openssl
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-0160
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1304042
Title:
CVE-2014-0160
Status in “openssl” package in Ubuntu:
Confirmed
Status in “openssl” package in Debian:
Unknown
Bug description:
The version of OpenSSL which is shipped with Ubuntu is vulnerable to
CVE-2014-0160. This is resolved with OpenSSL 1.0.1g
(https://www.openssl.org/news/secadv_20140407.txt). This is
*extremely* high severity, see heartbleed.com for full information.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1304042/+subscriptions
More information about the foundations-bugs
mailing list