DTLS DoS issue
This issue is a caused by a regression of the CVE-2011-4108 fix.
base-system, are the two versions in $summary good to go stable?
yes, they should be good to stabilize
Arches, please test and mark stable:
Target KEYWORDS : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"
Target KEYWORDS : "amd64 x86"
x86 stable. Thanks
Stable for HPPA.
OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which
allows remote attackers to cause a denial of service via unspecified
vectors. NOTE: this vulnerability exists because of an incorrect fix for
Thanks, everyone. Already part of draft GLSA.
This issue was resolved and addressed in
GLSA 201203-12 at http://security.gentoo.org/glsa/glsa-201203-12.xml
by GLSA coordinator Sean Amoss (ackle).