Debian Bug report logs -
#575607
CVE-2010-0740: openssl denial-of-service
Reported by: Michael Gilbert <michael.s.gilbert@gmail.com>
Date: Sat, 27 Mar 2010 16:51:02 UTC
Severity: important
Tags: security
Found in version openssl/0.9.8m-1
Fixed in version 0.9.8n-1
Done: Kurt Roeckx <kurt@roeckx.be>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
:
Bug#575607
; Package openssl
.
(Sat, 27 Mar 2010 16:51:05 GMT) (full text, mbox, link).
Acknowledgement sent
to Michael Gilbert <michael.s.gilbert@gmail.com>
:
New Bug report received and forwarded. Copy sent to Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
.
(Sat, 27 Mar 2010 16:51:05 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
package: openssl
version: 0.9.8m-1
severity: important
tags: security
hi, a security advisory [0] was published for openssl. this isn't very
severe, and only 0.9.8m in debian is affected since 16-bit shorts are
used.
[0] http://www.openssl.org/news/secadv_20100324.txt
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
:
Bug#575607
; Package openssl
.
(Sat, 27 Mar 2010 17:09:02 GMT) (full text, mbox, link).
Acknowledgement sent
to Michael Gilbert <michael.s.gilbert@gmail.com>
:
Extra info received and forwarded to list. Copy sent to Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
.
(Sat, 27 Mar 2010 17:09:02 GMT) (full text, mbox, link).
Message #10 received at 575607@bugs.debian.org (full text, mbox, reply):
note: fixed in upstream 0.9.8n
Reply sent
to Kurt Roeckx <kurt@roeckx.be>
:
You have taken responsibility.
(Sat, 27 Mar 2010 17:09:05 GMT) (full text, mbox, link).
Notification sent
to Michael Gilbert <michael.s.gilbert@gmail.com>
:
Bug acknowledged by developer.
(Sat, 27 Mar 2010 17:09:05 GMT) (full text, mbox, link).
Message #15 received at 575607-done@bugs.debian.org (full text, mbox, reply):
Version: 0.9.8n-1
On Sat, Mar 27, 2010 at 01:50:38PM -0400, Michael Gilbert wrote:
> package: openssl
> version: 0.9.8m-1
> severity: important
> tags: security
>
> hi, a security advisory [0] was published for openssl. this isn't very
> severe, and only 0.9.8m in debian is affected since 16-bit shorts are
> used.
>
> [0] http://www.openssl.org/news/secadv_20100324.txt
I've uploaded this 2 days ago, but ftp-master is still down.
Kurt
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
:
Bug#575607
; Package openssl
.
(Sat, 27 Mar 2010 17:12:03 GMT) (full text, mbox, link).
Acknowledgement sent
to Michael Gilbert <michael.s.gilbert@gmail.com>
:
Extra info received and forwarded to list. Copy sent to Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
.
(Sat, 27 Mar 2010 17:12:03 GMT) (full text, mbox, link).
Message #20 received at 575607@bugs.debian.org (full text, mbox, reply):
On Sat, 27 Mar 2010 18:05:46 +0100 Kurt Roeckx wrote:
> Version: 0.9.8n-1
>
> On Sat, Mar 27, 2010 at 01:50:38PM -0400, Michael Gilbert wrote:
> > package: openssl
> > version: 0.9.8m-1
> > severity: important
> > tags: security
> >
> > hi, a security advisory [0] was published for openssl. this isn't very
> > severe, and only 0.9.8m in debian is affected since 16-bit shorts are
> > used.
> >
> > [0] http://www.openssl.org/news/secadv_20100324.txt
>
> I've uploaded this 2 days ago, but ftp-master is still down.
thanks!
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org
.
(Thu, 06 May 2010 07:34:41 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 19:21:45 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.