Debian Bug report logs -
#645805
Potential DTLS crasher bug
Reported by: Florian Weimer <fw@deneb.enyo.de>
Date: Tue, 18 Oct 2011 18:27:02 UTC
Severity: normal
Found in versions openssl/0.9.8o-4, openssl/0.9.8o-4squeeze3, openssl/0.9.8g-15
Fixed in versions openssl/1.0.0f-1, openssl/0.9.8g-15+lenny15, openssl/0.9.8o-4squeeze5
Done: Kurt Roeckx <kurt@roeckx.be>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>:
Bug#645805; Package libssl0.9.8.
(Tue, 18 Oct 2011 18:27:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Florian Weimer <fw@deneb.enyo.de>:
New Bug report received and forwarded. Copy sent to Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>.
(Tue, 18 Oct 2011 18:27:05 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: libssl0.9.8
Version: 0.9.8o-4squeeze3
It seems that there's a remotely triggerable OPENSSL_assert() in the
DTLS code:
| The reception of incomplete or incorrectly formatted DTLS fragments
| is handled with an OPENSSL_assert(), causing the program to exit
| rather then just terminating the connection. This patch exchanges
| the asserts with unexpected message and illegal parameter alerts.
<http://rt.openssl.org/Ticket/Display.html?id=2625&user=guest&pass=guest>
I don't know how functional the DTLS code in squeeze is, perhaps it's
necessary to fix this there, too.
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>:
Bug#645805; Package libssl0.9.8.
(Wed, 19 Oct 2011 20:57:10 GMT) (full text, mbox, link).
Acknowledgement sent
to Kurt Roeckx <kurt@roeckx.be>:
Extra info received and forwarded to list. Copy sent to Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>.
(Wed, 19 Oct 2011 20:57:10 GMT) (full text, mbox, link).
Message #10 received at 645805@bugs.debian.org (full text, mbox, reply):
found 645805 0.9.8o-4
thanks
On Tue, Oct 18, 2011 at 08:24:30PM +0200, Florian Weimer wrote:
> Package: libssl0.9.8
> Version: 0.9.8o-4squeeze3
>
> It seems that there's a remotely triggerable OPENSSL_assert() in the
> DTLS code:
>
> | The reception of incomplete or incorrectly formatted DTLS fragments
> | is handled with an OPENSSL_assert(), causing the program to exit
> | rather then just terminating the connection. This patch exchanges
> | the asserts with unexpected message and illegal parameter alerts.
>
> <http://rt.openssl.org/Ticket/Display.html?id=2625&user=guest&pass=guest>
>
> I don't know how functional the DTLS code in squeeze is, perhaps it's
> necessary to fix this there, too.
I'm pretty sure we have people using DTLS in squeeze.
I currently don't have time to deal with this.
Kurt
Bug Marked as found in versions openssl/0.9.8o-4.
Request was from Kurt Roeckx <kurt@roeckx.be>
to control@bugs.debian.org.
(Wed, 19 Oct 2011 20:57:12 GMT) (full text, mbox, link).
Reply sent
to Debian FTP Masters <ftpmaster@ftp-master.debian.org>:
You have taken responsibility.
(Sat, 19 Nov 2011 09:53:36 GMT) (full text, mbox, link).
Notification sent
to Florian Weimer <fw@deneb.enyo.de>:
Bug acknowledged by developer.
(Sat, 19 Nov 2011 09:53:43 GMT) (full text, mbox, link).
Message #17 received at 645805-done@bugs.debian.org (full text, mbox, reply):
Version: 0.9.8o-7+rm
Dear submitter,
as the package openssl098 has just been removed from the Debian archive
unstable we hereby close the associated bug reports. We are sorry
that we couldn't deal with your issue properly.
For details on the removal, please see http://bugs.debian.org/641975
The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.
This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmaster@debian.org.
Debian distribution maintenance software
pp.
Luca Falavigna (the ftpmaster behind the curtain)
Bug No longer marked as fixed in versions 0.9.8o-7+rm and reopened.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Sat, 19 Nov 2011 10:57:54 GMT) (full text, mbox, link).
Bug reassigned from package 'libssl0.9.8' to 'openssl'.
Request was from Kurt Roeckx <kurt@roeckx.be>
to control@bugs.debian.org.
(Sat, 19 Nov 2011 10:58:10 GMT) (full text, mbox, link).
Bug No longer marked as found in versions openssl/0.9.8o-4 and openssl/0.9.8o-4squeeze3.
Request was from Kurt Roeckx <kurt@roeckx.be>
to control@bugs.debian.org.
(Sat, 19 Nov 2011 10:58:11 GMT) (full text, mbox, link).
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>:
Bug#645805; Package openssl.
(Fri, 23 Dec 2011 20:24:07 GMT) (full text, mbox, link).
Acknowledgement sent
to Moritz Muehlenhoff <jmm@inutil.org>:
Extra info received and forwarded to list. Copy sent to Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>.
(Fri, 23 Dec 2011 20:24:07 GMT) (full text, mbox, link).
Message #28 received at 645805@bugs.debian.org (full text, mbox, reply):
On Wed, Oct 19, 2011 at 10:54:25PM +0200, Kurt Roeckx wrote:
> found 645805 0.9.8o-4
> thanks
>
> On Tue, Oct 18, 2011 at 08:24:30PM +0200, Florian Weimer wrote:
> > Package: libssl0.9.8
> > Version: 0.9.8o-4squeeze3
> >
> > It seems that there's a remotely triggerable OPENSSL_assert() in the
> > DTLS code:
> >
> > | The reception of incomplete or incorrectly formatted DTLS fragments
> > | is handled with an OPENSSL_assert(), causing the program to exit
> > | rather then just terminating the connection. This patch exchanges
> > | the asserts with unexpected message and illegal parameter alerts.
> >
> > <http://rt.openssl.org/Ticket/Display.html?id=2625&user=guest&pass=guest>
> >
> > I don't know how functional the DTLS code in squeeze is, perhaps it's
> > necessary to fix this there, too.
>
> I'm pretty sure we have people using DTLS in squeeze.
>
> I currently don't have time to deal with this.
Kurt,
Can you fix this in the upcoming stable point update?
Cheers,
Moritz
Bug Marked as found in versions openssl/0.9.8g-15.
Request was from kurt@roeckx.be (Kurt Roeckx)
to control@bugs.debian.org.
(Sat, 14 Jan 2012 21:27:08 GMT) (full text, mbox, link).
Reply sent
to Kurt Roeckx <kurt@roeckx.be>:
You have taken responsibility.
(Sun, 15 Jan 2012 22:21:21 GMT) (full text, mbox, link).
Notification sent
to Florian Weimer <fw@deneb.enyo.de>:
Bug acknowledged by developer.
(Sun, 15 Jan 2012 22:21:21 GMT) (full text, mbox, link).
Message #35 received at 645805-close@bugs.debian.org (full text, mbox, reply):
Source: openssl
Source-Version: 0.9.8g-15+lenny15
We believe that the bug you reported is fixed in the latest version of
openssl, which is due to be installed in the Debian FTP archive:
libcrypto0.9.8-udeb_0.9.8g-15+lenny15_amd64.udeb
to main/o/openssl/libcrypto0.9.8-udeb_0.9.8g-15+lenny15_amd64.udeb
libssl-dev_0.9.8g-15+lenny15_amd64.deb
to main/o/openssl/libssl-dev_0.9.8g-15+lenny15_amd64.deb
libssl0.9.8-dbg_0.9.8g-15+lenny15_amd64.deb
to main/o/openssl/libssl0.9.8-dbg_0.9.8g-15+lenny15_amd64.deb
libssl0.9.8_0.9.8g-15+lenny15_amd64.deb
to main/o/openssl/libssl0.9.8_0.9.8g-15+lenny15_amd64.deb
openssl_0.9.8g-15+lenny15.diff.gz
to main/o/openssl/openssl_0.9.8g-15+lenny15.diff.gz
openssl_0.9.8g-15+lenny15.dsc
to main/o/openssl/openssl_0.9.8g-15+lenny15.dsc
openssl_0.9.8g-15+lenny15_amd64.deb
to main/o/openssl/openssl_0.9.8g-15+lenny15_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 645805@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Kurt Roeckx <kurt@roeckx.be> (supplier of updated openssl package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 14 Jan 2012 16:53:11 +0100
Source: openssl
Binary: openssl libssl0.9.8 libcrypto0.9.8-udeb libssl-dev libssl0.9.8-dbg
Architecture: source amd64
Version: 0.9.8g-15+lenny15
Distribution: lenny-security
Urgency: low
Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
Changed-By: Kurt Roeckx <kurt@roeckx.be>
Description:
libcrypto0.9.8-udeb - crypto shared library - udeb (udeb)
libssl-dev - SSL development libraries, header files and documentation
libssl0.9.8 - SSL shared libraries
libssl0.9.8-dbg - Symbol tables for libssl and libcrypto
openssl - Secure Socket Layer (SSL) binary and related cryptographic tools
Closes: 645805 650621
Changes:
openssl (0.9.8g-15+lenny15) lenny-security; urgency=low
.
* Fix CVE-2011-4354 (Closes: #650621)
* Fix CVE-2011-4108, CVE-2011-4109, CVE-2011-4576, CVE-2011-4619
and CVE-2011-4577
* Send alert instead of assertion failure for incorrectly formatted DTLS
fragments. (Closes: #645805)
Checksums-Sha1:
ad030ed397deba418d47946c49039206af4fbffb 1977 openssl_0.9.8g-15+lenny15.dsc
866515bb33adf684acdc82ef489a122325cf456f 85241 openssl_0.9.8g-15+lenny15.diff.gz
af48dddfa7651f3f280bc0efe55b262202923c7c 1045008 openssl_0.9.8g-15+lenny15_amd64.deb
4025c95e329d86905f688985c22f20a6a283e40d 980974 libssl0.9.8_0.9.8g-15+lenny15_amd64.deb
60e24fd2f7835c36035588647a303f793c07beec 640336 libcrypto0.9.8-udeb_0.9.8g-15+lenny15_amd64.udeb
46c0b06fed6ac5f7c7b49f57b6121f69727442ea 2251282 libssl-dev_0.9.8g-15+lenny15_amd64.deb
6efe971ef4ffd0b6e281029a9219febb81e7af39 1637408 libssl0.9.8-dbg_0.9.8g-15+lenny15_amd64.deb
Checksums-Sha256:
9c38a04fbc1e5055cb57b9ccb92d3c59287b851f05a28bd9e802fdc67e2eafad 1977 openssl_0.9.8g-15+lenny15.dsc
945b983741d8320dd77a003db10ea1887090a745a1fd0859e42204065d2bfff2 85241 openssl_0.9.8g-15+lenny15.diff.gz
d1d6ca6d13aae476548b6d40b9e82f0b9429a520b8e54ac4d454c34718386023 1045008 openssl_0.9.8g-15+lenny15_amd64.deb
d00deb3fa181cfc288636e832a3a235e2f4123778037ee1502d4fd779d96cba5 980974 libssl0.9.8_0.9.8g-15+lenny15_amd64.deb
19851f666d55b499eb001f12c00b77d420666ddc522c15f04dcc9408aaf1fa82 640336 libcrypto0.9.8-udeb_0.9.8g-15+lenny15_amd64.udeb
184adab25e8de035afe97a684100ff8c833e63252e73967cadc2c8271a3c2bf8 2251282 libssl-dev_0.9.8g-15+lenny15_amd64.deb
d3a457cc7d48e3d96d73f702f4ef7a2b957afb85cd7a81f7efdc6888769f3015 1637408 libssl0.9.8-dbg_0.9.8g-15+lenny15_amd64.deb
Files:
7dc59c84b8c22cdefc46264243f7c150 1977 utils optional openssl_0.9.8g-15+lenny15.dsc
705d0af922eefa19ba69edc67e053f34 85241 utils optional openssl_0.9.8g-15+lenny15.diff.gz
72a8c89c6d96e2b98d335b67ec8b2af6 1045008 utils optional openssl_0.9.8g-15+lenny15_amd64.deb
6907bd984c99534970a43add0f7e2d9b 980974 libs important libssl0.9.8_0.9.8g-15+lenny15_amd64.deb
70a5594daca5c632bc26b51174a48478 640336 debian-installer optional libcrypto0.9.8-udeb_0.9.8g-15+lenny15_amd64.udeb
a6dcab2ea56ccb113884ddc7811b9e7d 2251282 libdevel optional libssl-dev_0.9.8g-15+lenny15_amd64.deb
703e0207b343b2972936742f530f377f 1637408 libdevel extra libssl0.9.8-dbg_0.9.8g-15+lenny15_amd64.deb
Package-Type: udeb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBCgAGBQJPEfwtAAoJEGpMZM6DE7XwARoP/jpfDcYCP9At60yyjH9FjZSY
VqApHu5oSW/inNd5Zvl8BycGmPTGM8/9QVZ6g75/MphpJkOFTrQ2g3cAPRqGSiJr
lBwp25G6L9YkXTkkJMk5sqZyWzkGTTp+1DQwgQRGewIlsRN8s1W8z4e2cFf+Ihkd
T0D+GhcPFQxTpG5KzDmq5GZMgfDDwqvlNjdt++jr/zwgTyUpizdBAZRFgcfGrqnV
aEyDBS175WEEqQTGGH2N+qxt75P1Pc+Tnvb3nCUb7002k1LDKw/oNcBDD5S4XIsQ
0vi1pGKRsV/89R+HOV2gaKXA22zrHzNOTp9Fry5Q6SL/AQYdVqcAkr4uvDFzNRdv
HJqEian+p47RNRWoL10DI6bnSI/nWBEZ+2DCeEQFbwfo1i74FD87Bl0ATg59mGVA
F0erFwsq9VzIdypUVAZdHduaRkTx1aLErYGpE6FdWaylCYIK0HkBw1yy/R6oPxZ7
0cy+kJyVkFzpli1ayCaE89R7H8I1Crx54f7nqAyJpCzY0zYjPdyPhp3pdX7tK4yv
CeeyUJDMQybO76O0DpPDShZRRKgBFDVY0vAUhGipqRI/oeuMJV0h49tsVOyKXuld
ofr3vlHdbxsUEXeoycxuPxH1f0FBKvirby/DQu56K347cfpdYz69oht8chW9oYNd
7Vy/VmaTOmqVqDSJPp8A
=7868
-----END PGP SIGNATURE-----
Reply sent
to Kurt Roeckx <kurt@roeckx.be>:
You have taken responsibility.
(Sun, 15 Jan 2012 22:21:23 GMT) (full text, mbox, link).
Notification sent
to Florian Weimer <fw@deneb.enyo.de>:
Bug acknowledged by developer.
(Sun, 15 Jan 2012 22:21:23 GMT) (full text, mbox, link).
Message #40 received at 645805-close@bugs.debian.org (full text, mbox, reply):
Source: openssl
Source-Version: 0.9.8o-4squeeze5
We believe that the bug you reported is fixed in the latest version of
openssl, which is due to be installed in the Debian FTP archive:
libcrypto0.9.8-udeb_0.9.8o-4squeeze5_amd64.udeb
to main/o/openssl/libcrypto0.9.8-udeb_0.9.8o-4squeeze5_amd64.udeb
libssl-dev_0.9.8o-4squeeze5_amd64.deb
to main/o/openssl/libssl-dev_0.9.8o-4squeeze5_amd64.deb
libssl0.9.8-dbg_0.9.8o-4squeeze5_amd64.deb
to main/o/openssl/libssl0.9.8-dbg_0.9.8o-4squeeze5_amd64.deb
libssl0.9.8_0.9.8o-4squeeze5_amd64.deb
to main/o/openssl/libssl0.9.8_0.9.8o-4squeeze5_amd64.deb
openssl_0.9.8o-4squeeze5.debian.tar.gz
to main/o/openssl/openssl_0.9.8o-4squeeze5.debian.tar.gz
openssl_0.9.8o-4squeeze5.dsc
to main/o/openssl/openssl_0.9.8o-4squeeze5.dsc
openssl_0.9.8o-4squeeze5_amd64.deb
to main/o/openssl/openssl_0.9.8o-4squeeze5_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 645805@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Kurt Roeckx <kurt@roeckx.be> (supplier of updated openssl package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 14 Jan 2012 22:23:53 +0100
Source: openssl
Binary: openssl libssl0.9.8 libcrypto0.9.8-udeb libssl-dev libssl0.9.8-dbg
Architecture: source amd64
Version: 0.9.8o-4squeeze5
Distribution: squeeze-security
Urgency: low
Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
Changed-By: Kurt Roeckx <kurt@roeckx.be>
Description:
libcrypto0.9.8-udeb - crypto shared library - udeb (udeb)
libssl-dev - SSL development libraries, header files and documentation
libssl0.9.8 - SSL shared libraries
libssl0.9.8-dbg - Symbol tables for libssl and libcrypto
openssl - Secure Socket Layer (SSL) binary and related cryptographic tools
Closes: 645805
Changes:
openssl (0.9.8o-4squeeze5) squeeze-security; urgency=low
.
* Fix CVE-2011-4108, CVE-2011-4109, CVE-2011-4576, CVE-2011-4619
and CVE-2011-4577
* Send alert instead of assertion failure for incorrectly formatted DTLS
fragments. (Closes: #645805)
Checksums-Sha1:
e736c877672311d6c4487fdd126283c26d5093e8 1999 openssl_0.9.8o-4squeeze5.dsc
eed84388ab64d5ae207feb496a274845b84274e5 69960 openssl_0.9.8o-4squeeze5.debian.tar.gz
95c306e0bd7927aafa270dc043f19a99e7bd465a 1059472 openssl_0.9.8o-4squeeze5_amd64.deb
2cdc0e57b3c076d991973d88435c59d6d191830e 997522 libssl0.9.8_0.9.8o-4squeeze5_amd64.deb
924316180ac6028513937d7c76ea58d109bb3986 643040 libcrypto0.9.8-udeb_0.9.8o-4squeeze5_amd64.udeb
23579663845e728eb3aadedc55acb8667391fcf4 2297492 libssl-dev_0.9.8o-4squeeze5_amd64.deb
5dad2cad0033b972d9bc45fa378d4336eb796822 1602584 libssl0.9.8-dbg_0.9.8o-4squeeze5_amd64.deb
Checksums-Sha256:
7cadd5d84017dbcff1a9de60455783dc1163fec43ca2d9001339226e0493fe27 1999 openssl_0.9.8o-4squeeze5.dsc
0dc15a209d318d8a60a19684b16da6f17ccb882ed93b06bacde2d6a82a50c112 69960 openssl_0.9.8o-4squeeze5.debian.tar.gz
5f39785e40da2f811c555c06c43226446d36e9a5628bf45113f49b92410af2f7 1059472 openssl_0.9.8o-4squeeze5_amd64.deb
cb61884ae7b3b0bdd0e2eaafb48cb66cf417650201d7f6bc9c6ac7cd1bb0f2be 997522 libssl0.9.8_0.9.8o-4squeeze5_amd64.deb
e84d1280d9a8131c2e3484b1305165828caa666984c598dbbef25545ce09ef7e 643040 libcrypto0.9.8-udeb_0.9.8o-4squeeze5_amd64.udeb
f2d689831149b732b375b99c6b721f1061aa65e733cd5c151d877da28506616a 2297492 libssl-dev_0.9.8o-4squeeze5_amd64.deb
713477e0513d154a6c0693eca9899472beccdd647ab882572f1e16234be98a9e 1602584 libssl0.9.8-dbg_0.9.8o-4squeeze5_amd64.deb
Files:
71693f729c156ac16cc9ce2f12986935 1999 utils optional openssl_0.9.8o-4squeeze5.dsc
a9dc958ebe3a56ce2e18a283663a2140 69960 utils optional openssl_0.9.8o-4squeeze5.debian.tar.gz
32d7a9473ea2db2f6ae3876e376019c7 1059472 utils optional openssl_0.9.8o-4squeeze5_amd64.deb
60e0b4b61769da307e7393c3cc0b8be1 997522 libs important libssl0.9.8_0.9.8o-4squeeze5_amd64.deb
dff354ce08c939ece8053339f549c806 643040 debian-installer optional libcrypto0.9.8-udeb_0.9.8o-4squeeze5_amd64.udeb
f1debbe5dd1e9d25029c23dda7b96e14 2297492 libdevel optional libssl-dev_0.9.8o-4squeeze5_amd64.deb
9f7da8ace8bc594ffa5941da0cafe29c 1602584 debug extra libssl0.9.8-dbg_0.9.8o-4squeeze5_amd64.deb
Package-Type: udeb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBCgAGBQJPEp3kAAoJEGpMZM6DE7XwzWIQAJzKiFnsj54C6tOe1dzLTXpF
YBX5x3ZfkRAEB1+5nUS17ta+WTByQctuuyvbhFMOD0NsuL1MzNIC2EBqE6xO+bpm
vKujYw+yxLW9YdLm1FNG1MxdB+DdHyx33SrIaR/Hv6GJwP8NtmvImUYBAoY0OaGW
xt3eFgvtnkhak2/JMlSUnb4xH5ToDbLND5LvqM1IvoYeL/ATIuFIdv19wQqUd5SV
JkhypGKPF3Bq13blcgdYJZmN7PlEG8EmVlIiDnQ1G6hhP4sL3ywyJRZ/HPHNcAOf
vD1F6wSJuhsyuE5iLyM6vL50m3UQVfCTdzCtyKBbFufwhe3sijDwnQRoMS1NUsdz
xBNhU0BvQTi2Zpn3M5MaGXXGCXBuR+Pf4Uwf8hoxKY2D5o6p4oV9ok7Nzk1Sme5p
0WuXvpS9QqSlEBSCgVTFtGjt3bvcqsi1+z9FO/Y5JiCuhi+E4ohbd6wyQlkz6BF2
RXAu7UQLEBlnTZcO35Ynq3yzQgTHD3n5pL9l6JGu6xJGeLSpyUQAINq5POT1jekP
+MKJaWqqOSLrSUgPIaDE9s4Qb8yWrlB8NPlHS30N2LYzEO3UdVZjjmJU+dV/ijsI
ZKDlGCPJ+G3j67F3RiZuCQcLfCIW2EWxEH/F7QkCabEz+1JPj41TJoUE7srzaJ14
qD+A0lCeeNrLNbNqeXnV
=fvKu
-----END PGP SIGNATURE-----
Marked as found in versions openssl/0.9.8o-4squeeze3.
Request was from Andreas Beckmann <anbe@debian.org>
to control@bugs.debian.org.
(Mon, 04 Nov 2013 03:06:20 GMT) (full text, mbox, link).
Marked as found in versions openssl/0.9.8o-4.
Request was from Andreas Beckmann <anbe@debian.org>
to control@bugs.debian.org.
(Mon, 04 Nov 2013 03:06:21 GMT) (full text, mbox, link).
Marked as fixed in versions openssl/1.0.0f-1.
Request was from Andreas Beckmann <anbe@debian.org>
to control@bugs.debian.org.
(Mon, 04 Nov 2013 03:06:21 GMT) (full text, mbox, link).
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Mon, 02 Dec 2013 07:26:45 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 13:36:03 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon