9 Feb
2011
9 Feb
'11
3:06 a.m.
On Tue, Feb 8, 2011 at 9:46 PM, Pierre Schmitz <pierre@archlinux.de> wrote:
Hi,
this is a security update of openssl; please sign off.
Changes between 1.0.0c and 1.0.0d [8 Feb 2011]
*) Fix parsing of OCSP stapling ClientHello extension. CVE-2011-0014 [Neel Mehta, Adam Langley, Bodo Moeller (Google)]
*) Fix bug in string printing code: if *any* escaping is enabled we must escape the escape character (backslash) or the resulting string is ambiguous. [Steve Henson]
Greetings,
Pierre
-- Pierre Schmitz, https://users.archlinux.de/~pierre
Signoff both.