Oval Definition:oval:org.mitre.oval:def:13504
Revision Date:2014-06-23Version:19
Title:DSA-1701-1 openssl, openssl097 -- interpretation conflict
Description:It was discovered that OpenSSL does not properly verify DSA signatures on X.509 certificates due to an API misuse, potentially leading to the acceptance of incorrect X.509 certificates as genuine. For the stable distribution, this problem has been fixed in version 0.9.8c-4etch4 of the openssl package, and version 0.9.7k-3.1etch2 of the openssl097 package. For the unstable distribution, this problem has been fixed in version 0.9.8g-15. The testing distribution will be fixed soon. We recommend that you upgrade your OpenSSL packages.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2008-5077
DSA-1701-1
Platform(s):Debian GNU/Linux 4.0
Product(s):openssl
openssl097
Definition Synopsis
  • Debian GNU/Linux 4.0 is installed.
  • AND Architecture section
  • Architecture depended section
  • Supported architectures section
  • Installed architecture is s390
  • OR Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is powerpc
  • OR Installed architecture is i386
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is mipsel
  • OR Installed architecture is hppa
  • AND Packages section
  • libssl0.9.7-dbg DPKG is earlier than 0.9.7k-3.1etch2
  • OR libssl-dev DPKG is earlier than 0.9.8c-4etch4
  • OR libssl0.9.8-dbg DPKG is earlier than 0.9.8c-4etch4
  • OR openssl DPKG is earlier than 0.9.8c-4etch4
  • OR libssl0.9.8 DPKG is earlier than 0.9.8c-4etch4
  • OR libssl0.9.7 DPKG is earlier than 0.9.7k-3.1etch2
  • OR Architecture depended section
  • Installed architecture is mips
  • AND Packages section
  • libssl-dev DPKG is earlier than 0.9.8c-4etch4
  • OR libssl0.9.8-dbg DPKG is earlier than 0.9.8c-4etch4
  • OR libssl0.9.8 DPKG is earlier than 0.9.8c-4etch4
  • OR openssl DPKG is earlier than 0.9.8c-4etch4
    • BACK