[Pkg-openssl-devel] Bug#699889: several issues in Security Advisory 5 Feb 2013
Thijs Kinkhorst
thijs at debian.org
Wed Feb 6 10:59:18 UTC 2013
Package: openssl
Severity: serious
Tags: security
Hi,
Several issues were announced in the OpenSSL security advisory of 05 Feb 2013
(http://www.openssl.org/news/secadv_20130205.txt):
SSL, TLS and DTLS Plaintext Recovery Attack (CVE-2013-0169)
TLS 1.1 and 1.2 AES-NI crash (CVE-2012-2686) (does not affect stable)
OCSP invalid key DoS issue (CVE-2013-0166)
Can you see to it that these are addressed in unstable and testing, and also
prepare an update to stable-security?
Thanks,
Thijs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/pkg-openssl-devel/attachments/20130206/55ea5027/attachment.pgp>
More information about the Pkg-openssl-devel
mailing list