1
Candidate: CVE-2009-0050
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0050
5
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511262
7
Lasso 2.2.1 and earlier does not properly check the return value from the
8
OpenSSL DSA_verify function, which allows remote attackers to bypass
9
validation of the certificate chain via a malformed SSL/TLS signature, a
10
similar vulnerability to CVE-2008-5077.
14
https://bugs.launchpad.net/ubuntu/+source/lasso/+bug/317181
17
Assigned-to: stefanlsd
20
debdiff: https://bugs.launchpad.net/ubuntu/+source/lasso/+bug/317181
21
upstream_lasso: released (2.2.1-2)
22
dapper_lasso: released (0.6.3-4ubuntu1.1)
23
gutsy_lasso: released (2.0.0-1ubuntu1.1)
24
hardy_lasso: released (2.1.1-2ubuntu1.1)
25
intrepid_lasso: released (2.2.0-1ubuntu0.1)
26
devel_lasso: not-affected (2.2.1-2build1)