http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-...">
This update of openssl fixes an integer conversation issue
which could cause a heap-based memory corruption
(CVE-2012-2110
<<a href=“http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110”>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2110</a>
> ).
Additionally, a check for negative buffer length values was
added ( CVE-2012-2131
<<a href=“http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2131”>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2131</a>
> ) and a memory leak when creating public keys fixed.