10 matches found
Updated polarssl & hiawatha packages fix security vulnerabilities
Updated hiawatha package fixes security vulnerabilities: The hiawatha package included a bundled copy of PolarSSL 1.3.2, which was vulnerable to several security issues that had already been fixed in the system polarssl package. These issues were CVE-2014-4911, CVE-2014-8627, CVE-2014-8628, and...
MGASA-2015-0185 Updated polarssl & hiawatha packages fix security vulnerabilities
Updated hiawatha package fixes security vulnerabilities: The hiawatha package included a bundled copy of PolarSSL 1.3.2, which was vulnerable to several security issues that had already been fixed in the system polarssl package. These issues were CVE-2014-4911, CVE-2014-8627, CVE-2014-8628, and...
Fedora Update for polarssl FEDORA-2015-0991
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 21 : polarssl-1.3.9-3.fc21 (2015-1045)
Fix for CVE-2015-1182 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...
[SECURITY] [DLA 144-1] polarssl security update
Package : polarssl Version : 1.2.9-1deb6u4 CVE ID : CVE-2015-1182 A vulnerability was discovered in PolarSSL, a lightweight crypto and SSL/TLS library. A remote attacker could exploit this flaw using specially crafted certificates to mount a denial of service against an application linked against...
CVE-2015-1182
The CVE-2015-1182 issue affects PolarSSL 1.0–1.2.12 and 1.3.x up to 1.3.9, where asn1_get_sequence_of in library/asn1parse.c fails to initialize a pointer in the asn1_sequence linked list. This can allow a remote attacker to crash the application or potentially execute arbitrary code via a crafte...
Debian DSA-3136-1 : polarssl - security update
A vulnerability was discovered in PolarSSL, a lightweight crypto and SSL/TLS library. A remote attacker could exploit this flaw using specially crafted certificates to mount a denial of service against an application linked against the library application crash, or potentially, to execute arbitra...
[SECURITY] [DSA 3136-1] polarssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3136-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso January 24, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3136-1] polarssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3136-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso January 24, 2015 http://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-3136-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...