CVE-2011-0014
Bug #718208 reported by Artur Rona
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
openssl (Ubuntu) | Fix Released | Medium | Artur Rona |
Natty | Fix Released | Medium | Artur Rona |
Bug Description
Binary package hint: openssl
Applications are only affected if they act as a server and call
SSL_CTX_
Apache httpd >= 2.3.3, if configured with "SSLUseStapling On".
Changed in openssl (Ubuntu):
assignee: nobody → Artur Rona (ari-tczew)
security vulnerability: no → yes
Changed in openssl (Ubuntu Natty):
status: New → Confirmed
importance: Undecided → Medium
This bug was fixed in the package openssl - 0.9.8o-5ubuntu1
---------------
openssl (0.9.8o-5ubuntu1) natty; urgency=low
* Merge from debian unstable. Remaining changes: (LP: #718205)
- d/libssl0.9.8.postinst:
+ Display a system restart required notification bubble
on libssl0.9.8 upgrade.
+ Use a different priority for libssl0.9.8/restart-services
depending on whether a desktop, or server dist-upgrade
is being performed.
- d/{libssl0.9.8-udeb.dirs, control, rules}: Create
libssl0.9.8-udeb, for the benefit of wget-udeb (no wget-udeb
package in Debian).
- d/{libcrypto0.9.8-udeb.dirs, libssl0.9.8.dirs, libssl0.9.8.files,
rules}: Move runtime libraries to /lib, for the benefit of wpasupplicant.
- d/{control, openssl-doc.docs, openssl.docs, openssl.dirs}:
+ Ship documentation in openssl-doc, suggested by the package.
(Closes: #470594)
- d/p/aesni.patch: Backport Intel AES-NI support from
http://rt.openssl.org/Ticket/Display.html?id=2067 (refreshed)
- d/p/Bsymbolic-functions.patch: Link using -Bsymbolic-functions.
- d/p/perlpath-quilt.patch: Don't change perl #! paths under .pc.
- d/p/no-sslv2.patch: Disable SSLv2 to match NSS and GnuTLS.
The protocol is unsafe and extremely deprecated. (Closes: #589706)
- d/rules:
+ Disable SSLv2 during compile. (Closes: #589706)
+ Don't run 'make test' when cross-building.
+ Use host compiler when cross-building. Patch from Neil Williams.
(Closes: #465248)
+ Don't build for processors no longer supported: i486, i586
(on i386), v8 (on sparc).
+ Fix Makefile to properly clean up libs/ dirs in clean target.
(Closes: #611667)
+ Replace duplicate files in the doc directory with symlinks.
* This upload fixed CVE: (LP: #718208)
- CVE-2011-0014
openssl (0.9.8o-5) unstable; urgency=low
* Fix OCSP stapling parse error (CVE-2011-0014)
-- Artur Rona <email address hidden> Sun, 13 Feb 2011 16:10:24 +0100