[ubuntu/oneiric-security] openssl_1.0.0e-2ubuntu4.4_amd64_translations.tar.gz, openssl_1.0.0e-2ubuntu4.4_powerpc_translations.tar.gz, openssl_1.0.0e-2ubuntu4.4_i386_translations.tar.gz, openssl, openssl_1.0.0e-2ubuntu4.4_armel_translations.tar.gz 1.0.0e-2ubuntu4.4 (Accepted)
Jamie Strandboge
jamie at ubuntu.com
Thu Apr 19 22:03:21 UTC 2012
openssl (1.0.0e-2ubuntu4.4) oneiric-security; urgency=low
* SECURITY UPDATE: NULL pointer dereference in S/MIME messages with broken
headers
- debian/patches/CVE-2006-7250+2012-1165.patch: adjust mime_hdr_cmp()
and mime_param_cmp() to not dereference the compared strings if either
is NULL
- CVE-2006-7250
- CVE-2012-1165
* SECURITY UPDATE: fix various overflows
- debian/patches/CVE-2012-2110.patch: adjust crypto/a_d2i_fp.c,
crypto/buffer.c and crypto/mem.c to verify size of lengths
- CVE-2012-2110
Date: Thu, 19 Apr 2012 09:39:43 -0500
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/oneiric/+source/openssl/1.0.0e-2ubuntu4.4
-------------- next part --------------
Format: 1.8
Date: Thu, 19 Apr 2012 09:39:43 -0500
Source: openssl
Binary: openssl libssl1.0.0 libcrypto1.0.0-udeb libssl1.0.0-udeb libssl-dev libssl-doc libssl1.0.0-dbg
Architecture: source
Version: 1.0.0e-2ubuntu4.4
Distribution: oneiric-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description:
libcrypto1.0.0-udeb - crypto shared library - udeb (udeb)
libssl-dev - SSL development libraries, header files and documentation
libssl-doc - SSL development documentation documentation
libssl1.0.0 - SSL shared libraries
libssl1.0.0-dbg - Symbol tables for libssl and libcrypto
libssl1.0.0-udeb - ssl shared library - udeb (udeb)
openssl - Secure Socket Layer (SSL) binary and related cryptographic tools
Changes:
openssl (1.0.0e-2ubuntu4.4) oneiric-security; urgency=low
.
* SECURITY UPDATE: NULL pointer dereference in S/MIME messages with broken
headers
- debian/patches/CVE-2006-7250+2012-1165.patch: adjust mime_hdr_cmp()
and mime_param_cmp() to not dereference the compared strings if either
is NULL
- CVE-2006-7250
- CVE-2012-1165
* SECURITY UPDATE: fix various overflows
- debian/patches/CVE-2012-2110.patch: adjust crypto/a_d2i_fp.c,
crypto/buffer.c and crypto/mem.c to verify size of lengths
- CVE-2012-2110
Checksums-Sha1:
df87f22a3459e6c026ba80e17f5f9b834c8d9f23 2087 openssl_1.0.0e-2ubuntu4.4.dsc
e197d86ab9d5c194dfbf581f6438956f68f0d162 118902 openssl_1.0.0e-2ubuntu4.4.debian.tar.gz
Checksums-Sha256:
a446b64ff2400b873d05f4f10b6ffb7f23753241ae5db34c0219ac6c35f43c01 2087 openssl_1.0.0e-2ubuntu4.4.dsc
d1f6be8c6032bc7015a03a0d9d792133bc26c9ebea7e48873587c072ef17296e 118902 openssl_1.0.0e-2ubuntu4.4.debian.tar.gz
Files:
a251ffe05d93813330529836c7795caf 2087 utils optional openssl_1.0.0e-2ubuntu4.4.dsc
d62502a10b9441405642b4ece9cda5e3 118902 utils optional openssl_1.0.0e-2ubuntu4.4.debian.tar.gz
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel at lists.alioth.debian.org>
More information about the Oneiric-changes
mailing list