Upstream says this was fixed in 0.9.5. http://marc.info/?l=openssl-dev&m=123603013118058&w=3
** Changed in: openssl (Ubuntu) Status: New => Invalid -- CVE-2009-0653: OpenSSL does not verify the Basic Constraints for an intermediate CA-signed certificate https://bugs.launchpad.net/bugs/339834 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs