[Bug 1304042] Re: CVE-2014-0160
Sven 'Darkman' Michels
1304042 at bugs.launchpad.net
Mon Apr 7 23:23:49 UTC 2014
Hi,
why is the urgency in the changelog just "medium" when the bug has a severity of "grave"?
Shouldn't that be enough for high?
And thanks for the quick reaction/fix, good job!
Best regards,
Darkman
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1304042
Title:
CVE-2014-0160
Status in “openssl” package in Ubuntu:
Fix Released
Status in “openssl” package in Debian:
Unknown
Bug description:
The version of OpenSSL which is shipped with Ubuntu is vulnerable to
CVE-2014-0160. This is resolved with OpenSSL 1.0.1g
(https://www.openssl.org/news/secadv_20140407.txt). This is
*extremely* high severity, see heartbleed.com for full information.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1304042/+subscriptions
More information about the foundations-bugs
mailing list