Candidate: CVE-2009-0128
PublicDate: 2009-01-15 17:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0128
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511511
Description:
 plugins/crypto/openssl/crypto_openssl.c in Simple Linux Utility for
 Resource Management (aka SLURM or slurm-llnl) does not properly check the
 return value from the OpenSSL EVP_VerifyFinal function, which allows remote
 attackers to bypass validation of the certificate chain via a malformed
 SSL/TLS signature, a similar vulnerability to CVE-2008-5077.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:

Patches_slurm-llnl:
upstream_slurm-llnl: released (1.3.13-1)
dapper_slurm-llnl: DNE
gutsy_slurm-llnl: DNE
hardy_slurm-llnl: ignored (reached end-of-life)
intrepid_slurm-llnl: released (1.3.6-1lenny3build0.8.10.1)
jaunty_slurm-llnl: not-affected (1.3.13-1)
karmic_slurm-llnl: not-affected (1.3.15-1)
lucid_slurm-llnl: not-affected (1.3.15-1)
maverick_slurm-llnl: not-affected (1.3.15-1)
natty_slurm-llnl: not-affected (1.3.15-1)
oneiric_slurm-llnl: not-affected (1.3.15-1)
devel_slurm-llnl: not-affected (1.3.15-1)