[Pkg-openssl-devel] Bug#444435: Bug#444435: Bug#444435: openssl: [CVE-2007-5135] Off-by-one error in the SSL_get_shared_ciphers()
Kurt Roeckx
kurt at roeckx.be
Fri Sep 28 19:53:34 UTC 2007
On Fri, Sep 28, 2007 at 07:16:15PM +0200, Kurt Roeckx wrote:
> On Fri, Sep 28, 2007 at 04:16:02PM +0200, Axel Beckert wrote:
> > Package: openssl
> > Version: 0.9.8c-4, 0.9.7e-3sarge4
> > Severity: critical
> > Tags: sarge, etch, security
>
> Since this applies to sid (and oldstable) too, those tags are
> just wrong.
>
> So we have those versions:
> openssl:
> Oldstable 0.9.7e-3sarge4
> Stable 0.9.8c-4
> Testing 0.9.8e-6
> Unstable 0.9.8e-8
I've uploaded 0.9.8e-9 to unstable.
I've also prepared an upload for stable-security at
people.debian.org/~kroeckx/openssl
Note that openssl_0.9.8c-4etch1_source_i386_amd64.changes
is the only .changes file mentioning the .orig.tar.gz
Kurt
More information about the Pkg-openssl-devel
mailing list