[Bug 317181] Re: [CVE-2009-0050] - Lasso 2.2.1 and earlier does not properly check the return value from the OpenSSL DSA_verify function
Launchpad Bug Tracker
317181 at bugs.launchpad.net
Thu Jan 15 13:47:51 GMT 2009
This bug was fixed in the package lasso - 2.0.0-1ubuntu1.1
---------------
lasso (2.0.0-1ubuntu1.1) gutsy-security; urgency=low
* SECURITY UPDATE: lasso does not properly check the return value from the
OpenSSL DSA_verify function (LP: #317181).
- lasso/xml/tools.c: Correctly check for signature validity.
- CVE-2009-0050
-- Stefan Lesicnik <stefan at lsd.co.za> Wed, 14 Jan 2009 20:23:28 +0200
** Changed in: lasso (Ubuntu Gutsy)
Status: Fix Committed => Fix Released
** Changed in: lasso (Ubuntu Hardy)
Status: Fix Committed => Fix Released
--
[CVE-2009-0050] - Lasso 2.2.1 and earlier does not properly check the return value from the OpenSSL DSA_verify function
https://bugs.launchpad.net/bugs/317181
You received this bug notification because you are a member of Ubuntu
Package Archive Administrators, which is a direct subscriber.
More information about the ubuntu-archive
mailing list