-
Committer:
Package Import Robot
-
Author(s):
Jamie Strandboge
-
Date:
2012-04-19 09:39:43 UTC
-
Revision ID:
package-import@ubuntu.com-20120419093943-j9qc1wpjd1xxeemi
Tags: 1.0.0e-2ubuntu4.4
* SECURITY UPDATE: NULL pointer dereference in S/MIME messages with broken
headers
- debian/patches/CVE-2006-7250+2012-1165.patch: adjust mime_hdr_cmp()
and mime_param_cmp() to not dereference the compared strings if either
is NULL
- CVE-2006-7250
- CVE-2012-1165
* SECURITY UPDATE: fix various overflows
- debian/patches/CVE-2012-2110.patch: adjust crypto/a_d2i_fp.c,
crypto/buffer.c and crypto/mem.c to verify size of lengths
- CVE-2012-2110