There is no mention of either CVE-2011-4019 or 4109 at the moment in debian/changelog. As such there is nothing to do.
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2011-4019 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1046462 Title: CVE-2011-4109 erroneously listed in changelog as CVE-2011-4019 Status in openssl package in Ubuntu: Confirmed Status in openssl098 package in Ubuntu: Invalid Bug description: While researching repair status for CVE-2011-4109 on Ubuntu 10.04 LTS, found details in changelog for CVE-2011-4019, which appear consistent with CVE-2011-4109. I believe that -4109 has been repaired , but has erroneously been added to the changelog as -4019. -4019 pertains to a Cisco product. Changelog: https://launchpad.net/ubuntu/+source/openssl/0.9.8k-7ubuntu8.8 Referred here after posting question to https://answers.launchpad.net/ubuntu/+source/openssl098/+question/207684 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1046462/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
