Forwarded by suneo135 -------- Forwarded Message ---------
Package:openssl Version:0.9.6c-2 Severity:critical Openssl 0.9.6f changes Changes between 0.9.6e and 0.9.6f [8 Aug 2002] *) Fix ASN1 checks. Check for overflow by comparing with LONG_MAX and get fix the header length calculation. [Florian Weimer <[EMAIL PROTECTED]>, Alon Kantor <[EMAIL PROTECTED]> (and others), Steve Henson] *) Use proper error handling instead of \\\'assertions\\\' in buffer overflow checks added in 0.9.6e. This prevents DoS (the assertions could call abort()). [Arne Ansper <[EMAIL PROTECTED]>, Bodo Moeller] Probably it is this pathc. http://marc.theaimsgroup.com/?l=openssl-cvs&m=102831422608153&w=2 other http://rhn.redhat.com/errata/RHSA-2002-160.html --------- End of Forwarded Message ---------
