-
Committer:
Package Import Robot
-
Author(s):
Marc Deslauriers
-
Date:
2014-05-02 15:27:06 UTC
-
Revision ID:
package-import@ubuntu.com-20140502152706-nyxm6aq0obmdeai3
Tags: 1.0.1e-3ubuntu1.3
* SECURITY UPDATE: denial of service via use after free
- debian/patches/CVE-2010-5298.patch: check s->s3->rbuf.left before
releasing buffers in ssl/s3_pkt.c.
- CVE-2010-5298
* SECURITY UPDATE: denial of service via null pointer dereference
- debian/patches/CVE-2014-0198.patch: if buffer was released, get a new
one in ssl/s3_pkt.c.
- CVE-2014-0198