Viewing all changes in revision 35.
- Committer: Bazaar Package Importer
- Date: 2010-10-06 17:50:37 UTC
- Revision ID: james.westby@ubuntu.com-20101006175037-yvr9oqc9sq1vsh12
* SECURITY UPDATE: denial of service and possible code execution via
unchecked bn_wexpand return values. (LP: #655884)
- crypto/bn/{bn_mul,bn_div,bn_gf2m}.c, crypto/ec/ec2_smpl.c,
engines/e_ubsec.c: check return values.
- http://cvs.openssl.org/chngview?cn=18936
- http://cvs.openssl.org/chngview?cn=19309
- CVE-2009-3245
* SECURITY UPDATE: denial of service and possible code execution via
crafted private key with an invalid prime.
- ssl/s3_clnt.c: set bn_ctx to NULL after freeing it.
- http://www.mail-archive.com/openssl-dev@openssl.org/msg28049.html
- CVE-2010-2939
unchecked bn_wexpand return values. (LP: #655884)
- crypto/bn/{bn_mul,bn_div,bn_gf2m}.c, crypto/ec/ec2_smpl.c,
engines/e_ubsec.c: check return values.
- http://cvs.openssl.org/chngview?cn=18936
- http://cvs.openssl.org/chngview?cn=19309
- CVE-2009-3245
* SECURITY UPDATE: denial of service and possible code execution via
crafted private key with an invalid prime.
- ssl/s3_clnt.c: set bn_ctx to NULL after freeing it.
- http://www.mail-archive.com/openssl-dev@openssl.org/msg28049.html
- CVE-2010-2939
expand all
collapse all
added
removed
