[ubuntu/lucid-security] openssl_0.9.8k-7ubuntu8.10_sparc_translations.tar.gz, openssl_0.9.8k-7ubuntu8.10_i386_translations.tar.gz, openssl_0.9.8k-7ubuntu8.10_armel_translations.tar.gz, openssl, openssl_0.9.8k-7ubuntu8.10_ia64_translations.tar.gz, openssl_0.9.8k-7ubuntu8.10_powerpc_translations.tar.gz, openssl_0.9.8k-7ubuntu8.10_amd64_translations.tar.gz 0.9.8k-7ubuntu8.10 (Accepted)

[Jamie Strandboge]

openssl (0.9.8k-7ubuntu8.10) lucid-security; urgency=low

  * SECURITY UPDATE: NULL pointer dereference in S/MIME messages with broken
    headers
    - debian/patches/CVE-2006-7250+2012-1165.patch: adjust mime_hdr_cmp()
      and mime_param_cmp() to not dereference the compared strings if either
      is NULL
    - CVE-2006-7250
    - CVE-2012-1165
  * SECURITY UPDATE: fix various overflows
    - debian/patches/CVE-2012-2110.patch: adjust crypto/a_d2i_fp.c,
      crypto/buffer.c and crypto/mem.c to verify size of lengths
    - CVE-2012-2110

Date: Thu, 19 Apr 2012 10:24:54 -0500
Changed-By: Jamie Strandboge <ja...@ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/openssl/0.9.8k-7ubuntu8.10

Format: 1.8
Date: Thu, 19 Apr 2012 10:24:54 -0500
Source: openssl
Binary: openssl openssl-doc libssl0.9.8 libcrypto0.9.8-udeb libssl0.9.8-udeb 
libssl-dev libssl0.9.8-dbg
Architecture: source
Version: 0.9.8k-7ubuntu8.10
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com>
Changed-By: Jamie Strandboge <ja...@ubuntu.com>
Description: 
 libcrypto0.9.8-udeb - crypto shared library - udeb (udeb)
 libssl-dev - SSL development libraries, header files and documentation
 libssl0.9.8 - SSL shared libraries
 libssl0.9.8-dbg - Symbol tables for libssl and libcrypto
 libssl0.9.8-udeb - ssl shared library - udeb (udeb)
 openssl    - Secure Socket Layer (SSL) binary and related cryptographic tools
 openssl-doc - Secure Socket Layer (SSL) documentation
Changes: 
 openssl (0.9.8k-7ubuntu8.10) lucid-security; urgency=low
 .
   * SECURITY UPDATE: NULL pointer dereference in S/MIME messages with broken
     headers
     - debian/patches/CVE-2006-7250+2012-1165.patch: adjust mime_hdr_cmp()
       and mime_param_cmp() to not dereference the compared strings if either
       is NULL
     - CVE-2006-7250
     - CVE-2012-1165
   * SECURITY UPDATE: fix various overflows
     - debian/patches/CVE-2012-2110.patch: adjust crypto/a_d2i_fp.c,
       crypto/buffer.c and crypto/mem.c to verify size of lengths
     - CVE-2012-2110
Checksums-Sha1: 
 e704e38cdd2f4ec6a428ab34b6efd1205ebffe09 2101 openssl_0.9.8k-7ubuntu8.10.dsc
 01576077c91ea4b486cda9a44fa066bd205a4095 125094 
openssl_0.9.8k-7ubuntu8.10.diff.gz
Checksums-Sha256: 
 f4607ea9fa6e064b6c2dfc235788cdc76a77deca7463d4a043cb9f820595bf42 2101 
openssl_0.9.8k-7ubuntu8.10.dsc
 3bfc92db2b8eb5acba5fcd44b927be9e1c08db60e5b9f686ff25e6e7af47ccf5 125094 
openssl_0.9.8k-7ubuntu8.10.diff.gz
Files: 
 ef345db0124b6b970e8f598daa231caf 2101 utils optional 
openssl_0.9.8k-7ubuntu8.10.dsc
 4f0309b80691b267c6df85ede518b5ba 125094 utils optional 
openssl_0.9.8k-7ubuntu8.10.diff.gz
Original-Maintainer: Debian OpenSSL Team 
<pkg-openssl-de...@lists.alioth.debian.org>

-- 
Lucid-changes mailing list
Lucid-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/lucid-changes