1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • Re: [SECURITY] [DSA 2981-1] polarssl security update (1/2)

    From =?UTF-8?Q?Malek_Ha=C3=AFssous?=@1:229/2 to All on Fri Jul 18 18:30:01 2014
    XPost: linux.debian.security
    From: [email protected]

    --001a11c35704a27a8f04fe79f100
    Content-Type: text/plain; charset=UTF-8
    Content-Transfer-Encoding: quoted-printable

    unsubscribe


    On Fri, Jul 18, 2014 at 5:26 PM, Salvatore Bonaccorso <[email protected]> wrote:

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-2981-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso July 18, 2014 http://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : polarssl
    CVE ID : CVE-2014-4911
    Debian Bug : 754655

    A flaw was discovered in PolarSSL, a lightweight crypto and SSL/TLS
    library, which can be exploited by a remote unauthenticated attacker to
    mount a denial of service against PolarSSL servers that offer GCM ciphersuites. Potentially clients are affected too if a malicious server decides to execute the denial of service attack against its clients.

    For the stable distribution (wheezy), this problem has been fixed in
    version 1.2.9-1~deb7u3.

    For the testing distribution (jessie), this problem has been fixed in
    version 1.3.7-2.1.

    For the unstable distribution (sid), this problem has been fixed in
    version 1.3.7-2.1.

    We recommend that you upgrade your polarssl packages.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: http://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1

    iQIcBAEBCgAGBQJTyTxWAAoJEAVMuPMTQ89EOtgP/jQTbv+uZvjTH1pW9YWdRifE 1u1uqWvBhMySn/SpOi1M8gG8SbI0J3Zf2hhe619GWQTizIGyCsDf912j5EYMPZct U+4GkGZvH6JSREHFHgzsj4Y284mO6tr4gEmx053tx1JyY4ZE4QCDwVWjXUw/jl6e vi68m4vf/ul3Bo0oo4eivkAVewQf8zCf4M/nvpL0vKVRVzBaca8K9tEWNdN5vYvJ MfjF35k6QmHlx1ntr9QwwaUPvuzhDE83CXtdNqKHvIiu31Q1sH7fDWHb+2EXQnJZ qAa9a4Xz/cCNHNDYJdZKMqQ801b/FAE+WpMv/p+iKZJ+b8Qe4hi1jxnZFSCI8s5S IAOiyM/xETZGjqywWxIzU8WBvYVRWZX82wL01Pq0uNMhNpdLC1PAV0ayi//4z0iK Ep6O70bCAqxEUpNv71CWJdP/uZg38PCNiDgnV4Il6bXPVpW13l3nWzDKvQmLepdg 32CJ2b93HG4oB9dK5PrAAXsI4q9H0pJihF4oSzqYrxvtk6kN5QGszTguCWNh0zlg VGgejjww5zKO9vyJdaDoiCn+qBVL08FlTPEMBArulh3R+6D1ih8ftPDlZbNRVQXb FCPqqZRIeIGBMPGGwmaTMrlC3QGjhJILJxqu5/SpCqGlG+/90cYDrlOwB/9oXtNn uDyFK2A4oQPutCpJLH91
    =/4R/
    -----END PGP SIGNATURE-----


    --
    To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact
    [email protected]
    Archive: https://lists.debian.org/[email protected]




    --
    *Malek HA*

    *ÏSSOUSÉtudiant Epitech Paris - Promo [email protected] <[email protected]>*

    --001a11c35704a27a8f04fe79f100
    Content-Type: text/html; charset=UTF-8
    Content-Transfer-Encoding: quoted-printable

    <div dir="ltr">unsubscribe<br></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Fri, Jul 18, 2014 at 5:26 PM, Salvatore Bonaccorso <span dir="ltr">&lt;<a href="mailto:[email protected]" target="_blank">[email protected]</a>&gt;</span>
    wrote:<br>

    <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">-----BEGIN PGP SIGNED MESSAGE-----<br>
    Hash: SHA512<br>

    - -------------------------------------------------------------------------<br> Debian Security Advisory DSA-2981-1                   <a href="mailto:[email protected]">[email protected]</a><br>
    <a href="http://www.debian.org/security/" target="_blank">http://www.debian.org/security/</a>                      Salvatore Bonaccorso<br>
    Jul