[Pkg-openssl-devel] Bug#747432: Bug#747432: openssl: CVE-2014-0198 Null pointer dereference bug in OpenSSL 1.0.1g and earlier
Kurt Roeckx
kurt at roeckx.be
Thu May 8 16:30:16 UTC 2014
On Thu, May 08, 2014 at 06:53:27PM +0300, Demetris Demetriou wrote:
> Package: openssl
> Version: 1.0.1e-2+deb7u7
> Severity: important
>
> Hello,
> Please see this link:http://advisories.mageia.org/MGASA-2014-0204.html
I've know about that CVE for some time. I'm waiting for upstream
to confirm that the patch in the master branch from a few months
ago is the right fix or not.
> Does this affect the version included in wheezy?
As far as I know it affects all branches.
Kurt
More information about the Pkg-openssl-devel
mailing list