Viewing all changes in revision 58.
- Committer: Package Import Robot
- Date: 2012-05-22 15:25:06 UTC
- Revision ID: package-import@ubuntu.com-20120522152506-mqnmn033m06eubkq
* SECURITY UPDATE: denial of service attack in DTLS implementation
- debian/patches/CVE_2012-2333.patch: guard for integer overflow
before skipping explicit IV
- CVE-2012-2333
* SECURITY UPDATE: million message attack (MMA) in CMS and PKCS #7
- debian/patches/CVE-2012-0884.patch: use a random key if RSA
decryption fails to avoid leaking timing information
- CVE-2012-0884
* debian/patches/CVE-2012-0884-extra.patch: detect symmetric crypto
errors in PKCS7_decrypt and initialize tkeylen properly when
encrypting CMS messages.
- debian/patches/CVE_2012-2333.patch: guard for integer overflow
before skipping explicit IV
- CVE-2012-2333
* SECURITY UPDATE: million message attack (MMA) in CMS and PKCS #7
- debian/patches/CVE-2012-0884.patch: use a random key if RSA
decryption fails to avoid leaking timing information
- CVE-2012-0884
* debian/patches/CVE-2012-0884-extra.patch: detect symmetric crypto
errors in PKCS7_decrypt and initialize tkeylen properly when
encrypting CMS messages.
- files added:
- .pc/CVE-2012-0884-extra.patch
- .pc/CVE-2012-0884-extra.patch/crypto
- .pc/CVE-2012-0884-extra.patch/crypto/cms
- .pc/CVE-2012-0884-extra.patch/crypto/pkcs7
- .pc/CVE-2012-0884.patch
- .pc/CVE-2012-0884.patch/apps
- .pc/CVE-2012-0884.patch/crypto
- .pc/CVE-2012-0884.patch/crypto/cms
- .pc/CVE-2012-0884.patch/crypto/pkcs7
- .pc/CVE-2012-2333.patch
- .pc/CVE-2012-2333.patch/ssl
- files modified:
- .pc/applied-patches
expand all
collapse all
added
removed
