Bug 12557 - (int-173135) openssl: CVE-2010-0742: Cryptographic Message Syntax vulnerability
(int-173135)
: openssl: CVE-2010-0742: Cryptographic Message Syntax vulnerability
Status: RESOLVED FIXED
Product: Maemo 5 Community SSU
general
: testing
: N900 Maemo
: Unspecified major (vote)
: ---
Assigned To: unassigned
: general
:
: patch, security
:
:
  Show dependency tree
 
Reported: 2012-01-21 19:01 UTC by Andre Klapper
Modified: 2012-04-07 20:07 UTC (History)
1 user (show)

See Also:


Attachments


Note

You need to log in before you can comment on or make changes to this bug.


Description Andre Klapper (reporter) maemo.org 2012-01-21 19:01:53 UTC
SOFTWARE VERSION:
21.2011.38-1Tmaemo1.2 (17.01.2012)
openssl 0.9.8n-1+maemo4+0m5 as officially shipped

DESCRIPTION:
See https://www.redhat.com/security/data/cve/CVE-2010-0742.html

UPSTREAM PATCH:
http://cvs.openssl.org/chngview?cn=19693
Comment 1 Christian Ratzenhofer 2012-04-07 20:07:10 UTC
This has been fixed for the Community SSU Updates in package
openssl (0.9.8n-1+maemo4+0m5+0cssu0)
which is part of the build version
21.2011.38-1Tmaemo3
(Note: 21.2011.38-1is the latest official Nokia version.
The number after it indicates the Community SSU release version.)

Commit:
https://gitorious.org/community-ssu/openssl/commit/284e632b1dc7772d7e118b7527967126438e3644

For more information about Community SSU please see
http://wiki.maemo.org/Community_SSU