[arch-dev-public] [signoff] openssl 1.0.0a-3
allan at archlinux.org
Thu Aug 12 02:16:30 EDT 2010
On 11/08/10 02:22, Ionuț Bîru wrote:
> On 08/10/2010 02:08 PM, Pierre Schmitz wrote:
>> there was a double free issue discovered in openssl. This might be used
>> for remote code injection/execution. See
>> I have applied the proposed upstream patch
>> http://marc.info/?l=openssl-dev&m=128129628800826&w=2 (it's not in cvs
>> yet though, but at least it should not harm) Of course the test suite is
>> still passed and the mention cert no longer crashes openssl.
>> Please sign off.
> signoff x86_64
More information about the arch-dev-public