From b347aefe83c7ee61f1abf688fc3ced20a8c28ad1 Mon Sep 17 00:00:00 2001 From: Christian Wiese Date: Fri, 4 Jun 2010 17:04:51 +0200 Subject: [PATCH] openssl: Updated (0.9.8n -> 0.9.8o) SECURITY! CVE-2010-1633 [IMPORTANT] An invalid Return value check in pkey_rsa_verifyrecover was discovered. When verification recovery fails for RSA keys an uninitialised buffer with an undefined length is returned instead of an error code. This could lead to an information leak. original advisory: http://www.openssl.org/news/secadv_20100601.txt CVE-2010-1633: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1633 --- security/openssl/openssl.desc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/security/openssl/openssl.desc b/security/openssl/openssl.desc index ea4c8c8ba..d0d67eec7 100644 --- a/security/openssl/openssl.desc +++ b/security/openssl/openssl.desc @@ -35,7 +35,7 @@ [L] OpenSource [S] Stable -[V] 0.9.8n +[V] 0.9.8o [P] X -?---5---9 104.600 -[D] 4230078551 openssl-0.9.8n.tar.gz http://openssl.org/source/ +[D] 3867795964 openssl-0.9.8o.tar.gz http://openssl.org/source/
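Review bot: the new `[D]` line in the `@@ -35,7 +35,7 @@` hunk of security/openssl/openssl.desc pins openssl-0.9.8o.tar.gz with only a short numeric checksum (3867795964), and the download location is plain `http://openssl.org/source/`. That checksum is the only integrity anchor for the tarball in this file, and nothing in the patch shows how the tarball was validated before the value was recorded. For a release tagged SECURITY, please confirm that the tarball was checked against the upstream signature or a published cryptographic digest, and note that in the commit message. The hunk is otherwise a pure version bump (`[V] 0.9.8n` to `[V] 0.9.8o`), so the CVE-2010-1633 claim rests entirely on the commit message. It would help if the message stated which items of the linked advisory apply to the 0.9.8 branch, so that readers of the log can tell what this update actually fixes for them.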