Oval Definition:	oval:org.mitre.oval:def:13751
Revision Date: 2014-06-23 Version: 20 Title: DSA-1763-1 openssl -- programming error Description: It was discovered that insufficient length validations in the ASN.1 handling of the OpenSSL crypto library may lead to denial of service when processing a manipulated certificate. For the old stable distribution, this problem has been fixed in version 0.9.8c-4etch5 of the openssl package and in version 0.9.7k-3.1etch3 of the openssl097 package. For the stable distribution, this problem has been fixed in version 0.9.8g-15+lenny1. For the unstable distribution, this problem has been fixed in version 0.9.8g-16. We recommend that you upgrade your openssl packages. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2009-0590 DSA-1763-1 Platform(s): Debian GNU/Linux 4.0 Debian GNU/Linux 5.0 Product(s): openssl Definition Synopsis Release section Debian GNU/Linux 5.0 is installed AND Supported architectures section Installed architecture is s390 OR Installed architecture is amd64 OR Installed architecture is sparc OR Installed architecture is arm OR Installed architecture is i386 OR Installed architecture is armel OR Installed architecture is mips OR Installed architecture is ia64 OR Installed architecture is alpha OR Installed architecture is powerpc OR Installed architecture is mipsel OR Installed architecture is hppa AND Packages section libssl-dev DPKG is earlier than 0.9.8g-15+lenny1 OR libssl0.9.8-dbg DPKG is earlier than 0.9.8g-15+lenny1 OR libssl0.9.8 DPKG is earlier than 0.9.8g-15+lenny1 OR openssl DPKG is earlier than 0.9.8g-15+lenny1 OR Release section Debian GNU/Linux 4.0 is installed. AND Packages section libssl0.9.7-dbg DPKG is earlier than 0.9.7k-3.1etch3 OR libssl-dev DPKG is earlier than 0.9.8c-4etch5 OR libssl0.9.8-dbg DPKG is earlier than 0.9.8c-4etch5 OR openssl DPKG is earlier than 0.9.8c-4etch5 OR libssl0.9.8 DPKG is earlier than 0.9.8c-4etch5 OR libssl0.9.7 DPKG is earlier than 0.9.7k-3.1etch3
BACK