-
Committer:
Package Import Robot
-
Author(s):
Jamie Strandboge
-
Date:
2012-04-19 10:24:54 UTC
-
Revision ID:
package-import@ubuntu.com-20120419102454-tluy4us0xsq90jll
Tags: 0.9.8k-7ubuntu8.10
* SECURITY UPDATE: NULL pointer dereference in S/MIME messages with broken
headers
- debian/patches/CVE-2006-7250+2012-1165.patch: adjust mime_hdr_cmp()
and mime_param_cmp() to not dereference the compared strings if either
is NULL
- CVE-2006-7250
- CVE-2012-1165
* SECURITY UPDATE: fix various overflows
- debian/patches/CVE-2012-2110.patch: adjust crypto/a_d2i_fp.c,
crypto/buffer.c and crypto/mem.c to verify size of lengths
- CVE-2012-2110