~ubuntu-branches/ubuntu/natty/openssl/natty-security

Viewing all changes in revision 56.

  • Committer: Package Import Robot
  • Author(s): Jamie Strandboge
  • Date: 2012-04-19 09:39:15 UTC
  • Revision ID: package-import@ubuntu.com-20120419093915-bvcbaiybuwp709vm
Tags: 0.9.8o-5ubuntu1.4
* SECURITY UPDATE: NULL pointer dereference in S/MIME messages with broken
  headers
  - debian/patches/CVE-2006-7250+2012-1165.patch: adjust mime_hdr_cmp()
    and mime_param_cmp() to not dereference the compared strings if either
    is NULL
  - CVE-2006-7250
  - CVE-2012-1165
* SECURITY UPDATE: fix various overflows
  - debian/patches/CVE-2012-2110.patch: adjust crypto/a_d2i_fp.c,
    crypto/buffer.c and crypto/mem.c to verify size of lengths
  - CVE-2012-2110

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: