This bug was fixed in the package openssl - 0.9.8g-4ubuntu3.12
---------------
openssl (0.9.8g-4ubuntu3.12) hardy-security; urgency=low
* SECURITY UPDATE: TLS race condition leading to a buffer overflow and
possible code execution. (LP: #676243)
- ssl/t1_lib.c: stricter NULL/not-NULL checking
- http://openssl.org/news/secadv_20101116.txt
- CVE-2010-3864
-- Steve Beattie <[email protected]> Wed, 17 Nov 2010 09:02:39 -0800
** Changed in: openssl (Ubuntu)
Status: In Progress => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3864
--
Upstream patch for OpenSSL race condition
https://bugs.launchpad.net/bugs/676243
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
