[Bug 718208] Re: CVE-2011-0014

2011-02-22 Thread Launchpad Bug Tracker 
This bug was fixed in the package openssl - 0.9.8o-5ubuntu1

---
openssl (0.9.8o-5ubuntu1) natty; urgency=low

  * Merge from debian unstable.  Remaining changes: (LP: #718205)
- d/libssl0.9.8.postinst:
  + Display a system restart required notification bubble
on libssl0.9.8 upgrade.
  + Use a different priority for libssl0.9.8/restart-services
depending on whether a desktop, or server dist-upgrade
is being performed.
- d/{libssl0.9.8-udeb.dirs, control, rules}: Create
  libssl0.9.8-udeb, for the benefit of wget-udeb (no wget-udeb
  package in Debian).
- d/{libcrypto0.9.8-udeb.dirs, libssl0.9.8.dirs, libssl0.9.8.files,
  rules}: Move runtime libraries to /lib, for the benefit of wpasupplicant.
- d/{control, openssl-doc.docs, openssl.docs, openssl.dirs}:
  + Ship documentation in openssl-doc, suggested by the package.
   (Closes: #470594)
- d/p/aesni.patch: Backport Intel AES-NI support from
  http://rt.openssl.org/Ticket/Display.html?id=2067 (refreshed)
- d/p/Bsymbolic-functions.patch: Link using -Bsymbolic-functions.
- d/p/perlpath-quilt.patch: Don't change perl #! paths under .pc.
- d/p/no-sslv2.patch: Disable SSLv2 to match NSS and GnuTLS.
  The protocol is unsafe and extremely deprecated. (Closes: #589706)
- d/rules:
  + Disable SSLv2 during compile. (Closes: #589706)
  + Don't run 'make test' when cross-building.
  + Use host compiler when cross-building. Patch from Neil Williams.
(Closes: #465248)
  + Don't build for processors no longer supported: i486, i586
(on i386), v8 (on sparc).
  + Fix Makefile to properly clean up libs/ dirs in clean target.
(Closes: #611667)
  + Replace duplicate files in the doc directory with symlinks.
  * This upload fixed CVE: (LP: #718208)
- CVE-2011-0014

openssl (0.9.8o-5) unstable; urgency=low

  * Fix OCSP stapling parse error (CVE-2011-0014)
 -- Artur Rona ari-tc...@ubuntu.com   Sun, 13 Feb 2011 16:10:24 +0100

** Changed in: openssl (Ubuntu Natty)
   Status: Confirmed = Fix Released

** Bug watch added: OpenSSL RT #2067
   http://rt.openssl.org/Ticket/Display.html?id=2067

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/718208

Title:
  CVE-2011-0014

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 718208] Re: CVE-2011-0014

2011-02-15 Thread Marc Deslauriers 
** Changed in: openssl (Ubuntu Natty)
   Status: New = Confirmed

** Changed in: openssl (Ubuntu Natty)
   Importance: Undecided = Medium

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/718208

Title:
  CVE-2011-0014

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 718208] Re: CVE-2011-0014

2011-02-14 Thread Brian Murray 
** This bug has been flagged as a security vulnerability

** Also affects: openssl (Ubuntu Natty)
   Importance: Undecided
 Assignee: Artur Rona (ari-tczew)
   Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/718208

Title:
  CVE-2011-0014

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 718208] Re: CVE-2011-0014

2011-02-13 Thread Artur Rona 
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-0014

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/718208

Title:
  CVE-2011-0014

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs