+++ This bug was initially created as a clone of Bug #280227 +++ CVE-2009-2409 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2409): The NSS library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time. NOTE: the scope of this issue is currently limited because the amount of computation required is still large.
Mark Cox wrote: So for upstream OpenSSL we have disabled MD2 support completely. This was done in two stages; the first was a patch in June 2009 (http://marc.info/?l=openssl-cvs&m=124508133203041&w=2) that removed the check of a trusted root self-signed certificate. Then MD2 was disabled in July, (http://cvs.openssl.org/chngview?cn=18381). Although there have not yet been any upstream releases containing these fixes, future OpenSSL 0.9.8 (after 0.9.8k), and OpenSSL 1.0.0 releases will contain this fix.
openssl-0.9.8l is in the tree now
Stabilization via bug 292022.
CVE-2009-2409 wasnt in the 0.9.8l release, so i added it to 0.9.8l-r1
GLSA 200912-01
