1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 3116-1] polarssl security update

    From Moritz Muehlenhoff@1:229/2 to All on Tue Dec 30 02:30:01 2014
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-3116-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff December 30, 2014 http://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : polarssl
    CVE ID : CVE-2014-8628

    It was discovered that a memory leak in parsing X.509 certificates may
    result in denial of service.

    For the stable distribution (wheezy), this problem has been fixed in
    version 1.2.9-1~deb7u4.

    For the upcoming stable distribution (jessie), this problem has been
    fixed in version 1.3.9-1.

    For the unstable distribution (sid), this problem has been fixed in
    version 1.3.9-1.

    We recommend that you upgrade your polarssl packages.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1

    iQIcBAEBAgAGBQJUof1xAAoJEBDCk7bDfE42TrkP/A7Iw+HG6yaSV3DZ4THEAesN sMApQQT2IyQ/YjxZ+RGKCgowQiiO+eVVYBjM4v0SafIKWHlcvsPIjMXqDHGR6+Dz gzUAQ1vHBiWw5gI7Ix7dv8jgV0s2yKaSr6YTLBzDbNX6AmUCIaXbZgKe7wTSAf2u 5kuSoPXb+Vf9I08md6hFbEPvEJfnTZFaqiXl+2nRX2NzDBQGQXzyBbr7aPz06+nl EVE20HClcKqjusCVaB4KCc9if1D3PswxgbdLIpg0BvVfO7ZugZeaZ4A1QHUVUxm0 m4FxAVDXcmQDBIlgKScT/0tgjUOElpVGGjoE4m6tM3gqULVCdw1NPxJm9vd8sglm 462aYOB75hHrKqyR37h6/1t+3dpt9tq1V8ZY931CucnbEnq3xWSkkIKXkFMMIN7R asXGNanoLVwkLwF5oylqy+asCHW66m00rJmet4b1ZjKNCIdGD7z/QjCymNWXg7Ya rXtQn7w7qAlijiNPsvnQnh4Rd1QeNYuqpZ7prYvRfcafhPHX1DwQFR3zSnzMxqL6 UNyjOiO4ZWRIWUPJYtGh8j7OnXTlBaRWibzUCSoYE83kvM0lPC/MLy5RQ2BripaO Ik7n++UFVGKtW6wbSI8qLB5H5MOWRl78d8J6Yt7hUcHX/at9+dczbq+h5guXXJwX l78i+xR59Y4GHHoaUiEN
    =6w3n
    -----END PGP SIGNATURE-----


    --
    To UNSUBSCRIBE, email to [email protected]
    with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)