[Pkg-openssl-changes] r428 - in openssl/branches/etch: crypto/evp debian ssl
Kurt Roeckx
kroeckx at alioth.debian.org
Tue Aug 11 21:01:34 UTC 2009
Author: kroeckx
Date: 2009-08-11 21:01:34 +0000 (Tue, 11 Aug 2009)
New Revision: 428
Modified:
openssl/branches/etch/crypto/evp/c_alld.c
openssl/branches/etch/debian/changelog
openssl/branches/etch/ssl/ssl_algs.c
Log:
Remove MD2 from digest algorithm table. (CVE-2009-2409) (Closes: #539899)
Modified: openssl/branches/etch/crypto/evp/c_alld.c
===================================================================
--- openssl/branches/etch/crypto/evp/c_alld.c 2009-08-11 21:00:17 UTC (rev 427)
+++ openssl/branches/etch/crypto/evp/c_alld.c 2009-08-11 21:01:34 UTC (rev 428)
@@ -64,9 +64,6 @@
void OpenSSL_add_all_digests(void)
{
-#ifndef OPENSSL_NO_MD2
- EVP_add_digest(EVP_md2());
-#endif
#ifndef OPENSSL_NO_MD4
EVP_add_digest(EVP_md4());
#endif
Modified: openssl/branches/etch/debian/changelog
===================================================================
--- openssl/branches/etch/debian/changelog 2009-08-11 21:00:17 UTC (rev 427)
+++ openssl/branches/etch/debian/changelog 2009-08-11 21:01:34 UTC (rev 428)
@@ -1,3 +1,9 @@
+openssl (0.9.8c-4etch8) oldstable-security; urgency=low
+
+ * Remove MD2 from digest algorithm table. (CVE-2009-2409) (Closes: #539899)
+
+ -- Kurt Roeckx <kurt at roeckx.be> Tue, 11 Aug 2009 23:00:55 +0200
+
openssl (0.9.8c-4etch7) oldstable-security; urgency=low
* Fix DoS via a DTLS ChangeCipherSpec packet that occurs before ClientHello
Modified: openssl/branches/etch/ssl/ssl_algs.c
===================================================================
--- openssl/branches/etch/ssl/ssl_algs.c 2009-08-11 21:00:17 UTC (rev 427)
+++ openssl/branches/etch/ssl/ssl_algs.c 2009-08-11 21:01:34 UTC (rev 428)
@@ -91,9 +91,6 @@
#endif
-#ifndef OPENSSL_NO_MD2
- EVP_add_digest(EVP_md2());
-#endif
#ifndef OPENSSL_NO_MD5
EVP_add_digest(EVP_md5());
EVP_add_digest_alias(SN_md5,"ssl2-md5");
More information about the Pkg-openssl-changes
mailing list