[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[BSA-060] Security Update for openssl



Andres Salomon uploaded new packages for openssl which fixed the
following security problems:

CVE-2011-3210
	Unsafe thread handling in ECDH ciphersuite allow denial of
	service attack.

CVE-2011-1945
	Timing attacks against ECDHE_ECDSA private keys.

CVE-2011-0014
	Remote denial of service attacks possible or information leak
	via malformed handshake messages.

For the lenny-backports distribution the problems have been fixed in
version 0.9.8o-4squeeze4~bpo50+1.

For the stable distribution (squeeze), the problems have been fixed in
version 0.9.8o-4squeeze4.

Attachment: signature.asc
Description: PGP signature


Reply to: