Referenced CVEs:
CVE-2009-0590
Description:
===========================================================Ubuntu Security Notice USN-750-1 March 30, 2009openssl vulnerabilityCVE-2009-0590===========================================================A security issue affects the following Ubuntu releases:Ubuntu 6.06 LTSUbuntu 7.10Ubuntu 8.04 LTSUbuntu 8.10This advisory also applies to the corresponding versions ofKubuntu, Edubuntu, and Xubuntu.The problem can be corrected by upgrading your system to thefollowing package versions:Ubuntu 6.06 LTS: libssl0.9.8 0.9.8a-7ubuntu0.7Ubuntu 7.10: libssl0.9.8 0.9.8e-5ubuntu3.4Ubuntu 8.04 LTS: libssl0.9.8 0.9.8g-4ubuntu3.5Ubuntu 8.10: libssl0.9.8 0.9.8g-10.1ubuntu2.2After a standard system upgrade you need to reboot your computer toeffect the necessary changes.Details follow:It was discovered that OpenSSL did not properly validate the length of anencoded BMPString or UniversalString when printing ASN.1 strings. If a useror automated system were tricked into processing a crafted certificate, anattacker could cause a denial of service via application crash inapplications linked against OpenSSL.
More...