[ubuntu/natty-security] openssl_0.9.8o-5ubuntu1.4_powerpc_translations.tar.gz, openssl_0.9.8o-5ubuntu1.4_i386_translations.tar.gz, openssl_0.9.8o-5ubuntu1.4_armel_translations.tar.gz, openssl, openssl_0.9.8o-5ubuntu1.4_amd64_translations.tar.gz 0.9.8o-5ubuntu1.4 (Accepted)
Jamie Strandboge
jamie at ubuntu.com
Thu Apr 19 22:03:34 UTC 2012
openssl (0.9.8o-5ubuntu1.4) natty-security; urgency=low
* SECURITY UPDATE: NULL pointer dereference in S/MIME messages with broken
headers
- debian/patches/CVE-2006-7250+2012-1165.patch: adjust mime_hdr_cmp()
and mime_param_cmp() to not dereference the compared strings if either
is NULL
- CVE-2006-7250
- CVE-2012-1165
* SECURITY UPDATE: fix various overflows
- debian/patches/CVE-2012-2110.patch: adjust crypto/a_d2i_fp.c,
crypto/buffer.c and crypto/mem.c to verify size of lengths
- CVE-2012-2110
Date: Thu, 19 Apr 2012 09:39:15 -0500
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/openssl/0.9.8o-5ubuntu1.4
-------------- next part --------------
Format: 1.8
Date: Thu, 19 Apr 2012 09:39:15 -0500
Source: openssl
Binary: openssl openssl-doc libssl0.9.8 libcrypto0.9.8-udeb libssl0.9.8-udeb libssl-dev libssl0.9.8-dbg
Architecture: source
Version: 0.9.8o-5ubuntu1.4
Distribution: natty-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description:
libcrypto0.9.8-udeb - crypto shared library - udeb (udeb)
libssl-dev - SSL development libraries, header files and documentation
libssl0.9.8 - SSL shared libraries
libssl0.9.8-dbg - Symbol tables for libssl and libcrypto
libssl0.9.8-udeb - ssl shared library - udeb (udeb)
openssl - Secure Socket Layer (SSL) binary and related cryptographic tools
openssl-doc - Secure Socket Layer (SSL) documentation
Changes:
openssl (0.9.8o-5ubuntu1.4) natty-security; urgency=low
.
* SECURITY UPDATE: NULL pointer dereference in S/MIME messages with broken
headers
- debian/patches/CVE-2006-7250+2012-1165.patch: adjust mime_hdr_cmp()
and mime_param_cmp() to not dereference the compared strings if either
is NULL
- CVE-2006-7250
- CVE-2012-1165
* SECURITY UPDATE: fix various overflows
- debian/patches/CVE-2012-2110.patch: adjust crypto/a_d2i_fp.c,
crypto/buffer.c and crypto/mem.c to verify size of lengths
- CVE-2012-2110
Checksums-Sha1:
c6a6fbef9b657de413d8d924fcbf68177bc45e81 2116 openssl_0.9.8o-5ubuntu1.4.dsc
c46039fa77261bb30000c7a68e70baf72274278c 102614 openssl_0.9.8o-5ubuntu1.4.debian.tar.gz
Checksums-Sha256:
529599f7ccd2585d0d11e78eca0ad2bb9737cc17cef1092eb30403522c4b7bf3 2116 openssl_0.9.8o-5ubuntu1.4.dsc
21ed889a41db1e2a5b76c31324b74c9f7e08afb5a1d1da590c9c4314b89c5d0e 102614 openssl_0.9.8o-5ubuntu1.4.debian.tar.gz
Files:
6186773b43098c4707acfeb090dfe259 2116 utils optional openssl_0.9.8o-5ubuntu1.4.dsc
b8b8ba62d1ee0bc0119056d23dcc03de 102614 utils optional openssl_0.9.8o-5ubuntu1.4.debian.tar.gz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel at lists.alioth.debian.org>
More information about the Natty-changes
mailing list