found 743883 1.0.1e-2 fixed 743883 + 1.0.1-g fixed 743883 + 1.0.1e-2+deb7u5 close 743883 thanks
On Mon, Apr 07, 2014 at 09:11:09PM +0000, Travis Cross wrote: > Package: openssl > Version: 1.0.1f-1 > Severity: grave > > A serious flaw has been discovered in OpenSSL versions 1.0.1 through > 1.0.1f. This bug can allow an attacker to read process memory on > vulnerable systems leading to exposure of the private key. Please > see: > > http://www.openssl.org/news/secadv_20140407.txt > http://heartbleed.com/ > > Debian will need to patch OpenSSL in sid, jessie, and wheezy, and all > keys used with vulnerable processes will need to be replaced both in > Debian infrastructure and by all users of this package. > > _______________________________________________ > Pkg-openssl-devel mailing list > pkg-openssl-de...@lists.alioth.debian.org > http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-openssl-devel > -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org