[ubuntu/lucid-security] openssl_0.9.8k-7ubuntu8.10_sparc_translations.tar.gz, openssl_0.9.8k-7ubuntu8.10_i386_translations.tar.gz, openssl_0.9.8k-7ubuntu8.10_armel_translations.tar.gz, openssl, openssl_0.9.8k-7ubuntu8.10_ia64_translations.tar.gz, openssl_0.9.8k-7ubuntu8.10_powerpc_translations.tar.gz, openssl_0.9.8k-7ubuntu8.10_amd64_translations.tar.gz 0.9.8k-7ubuntu8.10 (Accepted)
Jamie Strandboge
jamie at ubuntu.com
Thu Apr 19 22:03:49 UTC 2012
openssl (0.9.8k-7ubuntu8.10) lucid-security; urgency=low
* SECURITY UPDATE: NULL pointer dereference in S/MIME messages with broken
headers
- debian/patches/CVE-2006-7250+2012-1165.patch: adjust mime_hdr_cmp()
and mime_param_cmp() to not dereference the compared strings if either
is NULL
- CVE-2006-7250
- CVE-2012-1165
* SECURITY UPDATE: fix various overflows
- debian/patches/CVE-2012-2110.patch: adjust crypto/a_d2i_fp.c,
crypto/buffer.c and crypto/mem.c to verify size of lengths
- CVE-2012-2110
Date: Thu, 19 Apr 2012 10:24:54 -0500
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/openssl/0.9.8k-7ubuntu8.10
-------------- next part --------------
Format: 1.8
Date: Thu, 19 Apr 2012 10:24:54 -0500
Source: openssl
Binary: openssl openssl-doc libssl0.9.8 libcrypto0.9.8-udeb libssl0.9.8-udeb libssl-dev libssl0.9.8-dbg
Architecture: source
Version: 0.9.8k-7ubuntu8.10
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description:
libcrypto0.9.8-udeb - crypto shared library - udeb (udeb)
libssl-dev - SSL development libraries, header files and documentation
libssl0.9.8 - SSL shared libraries
libssl0.9.8-dbg - Symbol tables for libssl and libcrypto
libssl0.9.8-udeb - ssl shared library - udeb (udeb)
openssl - Secure Socket Layer (SSL) binary and related cryptographic tools
openssl-doc - Secure Socket Layer (SSL) documentation
Changes:
openssl (0.9.8k-7ubuntu8.10) lucid-security; urgency=low
.
* SECURITY UPDATE: NULL pointer dereference in S/MIME messages with broken
headers
- debian/patches/CVE-2006-7250+2012-1165.patch: adjust mime_hdr_cmp()
and mime_param_cmp() to not dereference the compared strings if either
is NULL
- CVE-2006-7250
- CVE-2012-1165
* SECURITY UPDATE: fix various overflows
- debian/patches/CVE-2012-2110.patch: adjust crypto/a_d2i_fp.c,
crypto/buffer.c and crypto/mem.c to verify size of lengths
- CVE-2012-2110
Checksums-Sha1:
e704e38cdd2f4ec6a428ab34b6efd1205ebffe09 2101 openssl_0.9.8k-7ubuntu8.10.dsc
01576077c91ea4b486cda9a44fa066bd205a4095 125094 openssl_0.9.8k-7ubuntu8.10.diff.gz
Checksums-Sha256:
f4607ea9fa6e064b6c2dfc235788cdc76a77deca7463d4a043cb9f820595bf42 2101 openssl_0.9.8k-7ubuntu8.10.dsc
3bfc92db2b8eb5acba5fcd44b927be9e1c08db60e5b9f686ff25e6e7af47ccf5 125094 openssl_0.9.8k-7ubuntu8.10.diff.gz
Files:
ef345db0124b6b970e8f598daa231caf 2101 utils optional openssl_0.9.8k-7ubuntu8.10.dsc
4f0309b80691b267c6df85ede518b5ba 125094 utils optional openssl_0.9.8k-7ubuntu8.10.diff.gz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel at lists.alioth.debian.org>
More information about the Lucid-changes
mailing list