~ubuntu-branches/ubuntu/lucid/openssl/lucid-security

Viewing all changes in revision 50.

  • Committer: Package Import Robot
  • Author(s): Jamie Strandboge
  • Date: 2012-04-19 10:24:54 UTC
  • Revision ID: package-import@ubuntu.com-20120419102454-tluy4us0xsq90jll
Tags: 0.9.8k-7ubuntu8.10
* SECURITY UPDATE: NULL pointer dereference in S/MIME messages with broken
  headers
  - debian/patches/CVE-2006-7250+2012-1165.patch: adjust mime_hdr_cmp()
    and mime_param_cmp() to not dereference the compared strings if either
    is NULL
  - CVE-2006-7250
  - CVE-2012-1165
* SECURITY UPDATE: fix various overflows
  - debian/patches/CVE-2012-2110.patch: adjust crypto/a_d2i_fp.c,
    crypto/buffer.c and crypto/mem.c to verify size of lengths
  - CVE-2012-2110

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: