Debian Bug report logs -
#389940
Security: OpenSSL Security Advisory [28th September 2006]
Toggle useless messages
Report forwarded to debian-bugs-dist@lists.debian.org, Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
:
Bug#389940
; Package openssl
.
(full text, mbox, link).
Acknowledgement sent to "debian-bts@spamblock.netzgehirn.de" <debian-bts@spamblock.netzgehirn.de>
:
New Bug report received and forwarded. Copy sent to Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
.
(full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: openssl
Version: all
Severity: critical
Tags: security, fixed-upstream
Several critical security problems were found in OpenSSL, allowing remote DoS
and possibly arbitrary code execution.
See
http://www.openssl.org/news/secadv_20060928.txt
CVE-2006-2937, CVE-2006-2940, CVE-2006-3738
Reply sent to Kurt Roeckx <kurt@roeckx.be>
:
You have taken responsibility.
(full text, mbox, link).
Notification sent to "debian-bts@spamblock.netzgehirn.de" <debian-bts@spamblock.netzgehirn.de>
:
Bug acknowledged by developer.
(full text, mbox, link).
Message #10 received at 389940-done@bugs.debian.org (full text, mbox, reply):
Version: 0.9.8c-2
On Thu, Sep 28, 2006 at 03:46:37PM +0200, debian-bts@spamblock.netzgehirn.de wrote:
> Package: openssl
> Version: all
> Severity: critical
> Tags: security, fixed-upstream
>
> Several critical security problems were found in OpenSSL, allowing remote DoS
> and possibly arbitrary code execution.
>
> See
> http://www.openssl.org/news/secadv_20060928.txt
>
>
> CVE-2006-2937, CVE-2006-2940, CVE-2006-3738
I've uploaded openssl 0.9.8c-2 and openssl097 0.9.7k-2 to unstable,
the security team has uploaded openssl 0.9.7e-3sarge3 to stable.
I have no idea if they are going to backport the changes to openssl096.
Note that they all also fix CVE-2006-4343.
Kurt
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org
.
(Mon, 25 Jun 2007 08:14:25 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 19:23:58 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.