Comment 2 for bug 922229

I want to mention that CVE 2012-0050 is a fix for CVE 2011-4108, which also fixed some DTLS vulnerabilities. I am unclear whether CVE 2011-4108 was ever fixed in Ubuntu, in particular in Lucid. I do not think that it was.

I think the best thing to do at this point would be to review CVE 2011-4108, but understand that it has some defects which resulted in CVE 2012-0050. Whoever performs the fix should review both of these bugs.