Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 485112

Summary: dev-libs/openssl-0.9.8y should be unaffected by GLSA 201203-12 and GLSA 201110-01
Product: Gentoo Security Reporter: Erik Wallin <erikw>
Component: GLSA ErrorsAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: erikw
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Erik Wallin 2013-09-16 16:15:02 UTC 
After the stablilization of openssl-0.9.8y yesterday glsa-check warns about GLSA 201203-12 and GLSA 201110-01.

0.9.8y should not be affected by any of the CVE's in those two GLSA's. It's an upgrade to 0.9.8x which is not affected.
Comment 1 Sean Amoss (RETIRED) gentoo-dev Security 2013-09-17 23:14:56 UTC 
Thank you for the report, Erik. 

Unfortunately, these types of GLSAs need to be updated with each new slot bump. 

I have updated both GLSAs to reflect 0.9.8y.