sbeattie | only affects CMS, PKCS #7, or S/MIME decryption, not SSL/TLS transactions |
mdeslaur | from oss-security: "If a Linux distribution picks up the fix for CVE-2012-0884 then they will want to pick up change 22161 at the same time since the fix for the security vulnerability will generally cause symmetric decryption errors when it kicks in and things get very confusing for the end user without change 22161" A second issue was fixed too, see: http://www.openwall.com/lists/oss-security/2012/05/11/5 |
Upstream: | released (1.0.1) |
Ubuntu 14.04 ESM (Trusty Tahr): | not-affected (1.0.1-4ubuntu1) |
Upstream: | needs-triage |
Ubuntu 14.04 ESM (Trusty Tahr): | DNE (trusty was released [0.9.8o-7ubuntu3.2.14.04.1]) |
Updated: 2019-12-05 20:58:46 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)