Viewing all changes in revision 24.
- Committer: Package Import Robot
- Date: 2009-07-15 13:06:03 UTC
- Revision ID: package-import@ubuntu.com-20090715130603-tdfe82g4e9rvnz7r
* SECURITY UPDATE: certificate spoofing via invalid return value check
in OCSP_basic_verify
- debian/patches/904_security_CVE-2009-0642.dpatch: also check for -1
return code in ext/openssl/ossl_ocsp.c.
- CVE-2009-0642
* SECURITY UPDATE: denial of service in BigDecimal library via string
argument that represents a large number (LP: #385436)
- debian/patches/905_security_CVE-2009-1904.dpatch: handle large
numbers properly in ext/bigdecimal/bigdecimal.c.
- CVE-2009-1904
in OCSP_basic_verify
- debian/patches/904_security_CVE-2009-0642.dpatch: also check for -1
return code in ext/openssl/ossl_ocsp.c.
- CVE-2009-0642
* SECURITY UPDATE: denial of service in BigDecimal library via string
argument that represents a large number (LP: #385436)
- debian/patches/905_security_CVE-2009-1904.dpatch: handle large
numbers properly in ext/bigdecimal/bigdecimal.c.
- CVE-2009-1904
expand all
collapse all
added
removed
