** Changed in: libesmtp (Debian)
Status: New => Confirmed
--
MIR fallout: libesmtp does not check NULL bytes in commonNames of certificates
(variant of CVE-2009-2408)
https://bugs.launchpad.net/bugs/515996
You received this bug notification because you are a member of Ubuntu
High Availability Team, which is a direct subscriber.
Status in “libesmtp” package in Ubuntu: Incomplete
Status in “libesmtp” package in Debian: Confirmed
Bug description:
1. Availability: amd64, armel, i386, ia64, powerpc, sparc
2. Rationale: The package helps meet
https://blueprints.edge.launchpad.net/ubuntu/+spec/server-lucid-cluster-stack
blueprint goal. Needed binary packages are libesmtp5 and libesmtp-dev.
3. Security: 1 old CVE: CVE-2002-1090
4. QA: 1 openssl/gnutls related bug in Debian, no bugs in Ubuntu. Upstream's
last release was in 2005. URL: http://www.stafford.uklinux.net/libesmtp/
5. UI standards: none
6. Dependencies: all in main
7. Standards: no lintian warnings. Package is packaged with debhelper and uses
custom developed patch system.
8. Maintenance: simple package, syncs should be enough (there were no Ubuntu
changes in package history)
9. Background information: this package is one of dependencies for new cluster
stack in Ubuntu.
_______________________________________________
Mailing list: https://launchpad.net/~ubuntu-ha
Post to : [email protected]
Unsubscribe : https://launchpad.net/~ubuntu-ha
More help : https://help.launchpad.net/ListHelp
