openslp as of 1.2.1-5 (the one shipped in Dapper), doesn't build with
--enable-security and in fact Build-Conflicts against libssl-dev (see
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=337606), so the package
would need significant changes to be affected by this bug.
** Changed in: openslp-dfs
** Changed in: openslp-dfsg (Ubuntu)
Importance: High => Medium
--
OpenSSL signature verification API misuses
https://bugs.launchpad.net/bugs/314776
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to bind9 in ubuntu.
--
Ubuntu-server-bug
bind9 (1:9.5.0.dfsg.P2-5ubuntu1) jaunty; urgency=low
* SECURITY UPDATE: clients treat malformed signatures as good when verifying
server DSA and ECDSA certificates.
- update lib/dns/openssldsa_link.c to properly check the return code of
DSA_do_verify()
- CVE-2009-0025
** Chan
** Changed in: openslp-dfsg (Ubuntu)
Status: Triaged => In Progress
--
OpenSSL signature verification API misuses
https://bugs.launchpad.net/bugs/314776
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to bind9 in ubuntu.
--
Ubuntu-se
Bind9 is fixed in http://www.ubuntu.com/usn/usn-706-1.
--
OpenSSL signature verification API misuses
https://bugs.launchpad.net/bugs/314776
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to bind9 in ubuntu.
--
Ubuntu-server-bugs mailing li
** Changed in: ntp (Ubuntu)
Importance: High => Medium
** Changed in: bind9 (Ubuntu)
Importance: High => Medium
--
OpenSSL signature verification API misuses
https://bugs.launchpad.net/bugs/314776
You received this bug notification because you are a member of Ubuntu
Server Team, which is s
NTP issue is fixed in http://www.ubuntu.com/usn/usn-705-1.
--
OpenSSL signature verification API misuses
https://bugs.launchpad.net/bugs/314776
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to bind9 in ubuntu.
--
Ubuntu-server-bugs mailin
ntp (1:4.2.4p4+dfsg-7ubuntu3) jaunty; urgency=low
* SECURITY UPDATE: clients treat malformed signatures as good when verifying
server DSA and ECDSA certificates.
- debian/patches/CVE-2009-0021.patch: update ntpd/ntp_crypto.c to properly
check the return code of EVP_VerifyFinal()
** Changed in: bind9 (Ubuntu)
Status: In Progress => Fix Committed
--
OpenSSL signature verification API misuses
https://bugs.launchpad.net/bugs/314776
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to bind9 in ubuntu.
--
Ubuntu-ser
** Also affects: openslp-dfsg (Ubuntu)
Importance: Undecided
Status: New
** Changed in: openslp-dfsg (Ubuntu)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
Status: New => Triaged
** Changed in: bind9 (Ubuntu)
Importance: Undecided => High
** Changed in: ntp (Ubun
OpenSSL issue is fixed in http://www.ubuntu.com/usn/usn-704-1.
** Changed in: openssl (Ubuntu)
Status: Fix Committed => Fix Released
--
OpenSSL signature verification API misuses
https://bugs.launchpad.net/bugs/314776
You received this bug notification because you are a member of Ubuntu
S
openssl (0.9.8g-14ubuntu2) jaunty; urgency=low
* SECURITY UPDATE: clients treat malformed signatures as good when verifying
server DSA and ECDSA certificates
- update apps/speed.c, apps/spkac.c, apps/verify.c, apps/x509.c,
ssl/s2_clnt.c, ssl/s2_srvr.c, ssl/s3_clnt.c, s3_srvr.c, and
Thank you for using Ubuntu and taking the time to report a bug.
** Changed in: openssl (Ubuntu)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
Status: New => Fix Committed
** Changed in: ntp (Ubuntu)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
Status: New
13 matches
Mail list logo
