Just to let everyone know, a security bug has been found in openssl : (copying from here : http://marc.info/?l=openssl- announce&m=128992699401945&w=2)
"All versions of OpenSSL supporting TLS extensions contain this vulnerability including OpenSSL 0.9.8f through 0.9.8o, 1.0.0, 1.0.0a releases." This is fixed (again copying from the above): "Users of all OpenSSL 0.9.8 releases from 0.9.8f through 0.9.8o should update to the OpenSSL 0.9.8p release which contains a patch to correct this issue. Users of OpenSSL 1.0.0 and 1.0.0a should update to the OpenSSL 1.0.0b release which contains a patch to correct this issue." You can find more information about releases 0.9.8p and 1.0.0b here : http://marc.info/?l=openssl-announce&r=1&b=201011&w=2 So i believe this report should be updated to reflect the above and request openssl 1.0.0b to be included in the latest ubuntu repository (and maybe consider updating the other related openssl reports in launchpad concerning 0.9.8 versions) -- upgrade to the latest 1.0.0a with its security fixes https://bugs.launchpad.net/bugs/675566 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
