USN-750-1: OpenSSL vulnerability
30 March 2009
- openssl -
It was discovered that OpenSSL did not properly validate the length of an
encoded BMPString or UniversalString when printing ASN.1 strings. If a user
or automated system were tricked into processing a crafted certificate, an
attacker could cause a denial of service via application crash in
applications linked against OpenSSL.
The problem can be corrected by updating your system to the following package versions:
After a standard system upgrade you need to reboot your computer to
effect the necessary changes.