Debian Security Advisory 1970 openssl – denial of service


It was discovered that a significant memory leak could occur in OpenSSL, related to the reinitialization of zlib. This could result in a remotely exploitable denial of service vulnerability when using the Apache httpd server in a configuration where mod_ssl, mod_php5, and the php5-curl extension are loaded.

The old stable distribution (etch) is not affected by this issue.

For the stable distribution (lenny), this problem has been fixed in version 0.9.8g-15+lenny6…

Read More