DSA-2100-1 openssl -- double freeID: oval:org.secpod.oval:def:600148 | Date: (C)2011-01-28 (M)2023-11-09 |
Class: PATCH | Family: unix |
George Guninski discovered a double free in the ECDH code of the OpenSSL crypto library, which may lead to denial of service and potentially the execution of arbitrary code. For the stable distribution , this problem has been fixed in version 0.9.8g-15+lenny8. For the unstable distribution , this problem has been fixed in version 0.9.8o-2. We recommend that you upgrade your openssl packages.