Name | TEMP-0913136-041770 |
Description | DSA verification crashes OpenSSL on invalid combinations of key content |
Source | Automatically generated temporary name. Not for external reference. |
Debian Bugs | 913136 |
Vulnerable and fixed packages
The table below lists information on source packages.
Source Package | Release | Version | Status |
---|
xml-security-c (PTS) | jessie, jessie (lts) | 1.7.2-3+deb8u2 | fixed |
| stretch | 1.7.3-4+deb9u3 | fixed |
| stretch (security), stretch (lts) | 1.7.3-4+deb9u1 | vulnerable |
| buster | 2.0.2-3 | fixed |
| bullseye | 2.0.2-4 | fixed |
| sid, trixie, bookworm | 2.0.4-2 | fixed |
The information below is based on the following data on fixed versions.
Notes
temporary entry for DLA-1594-1
https://issues.apache.org/jira/browse/SANTUARIO-496
patch 1/2: http://svn.apache.org/r1843562
patch 2/2: http://svn.apache.org/r1843566