2 matches found
wolfssl: Security update (2 CVEs)
The wolfssl package has been rebuilt and was uploaded to the Chaos Calmer 15.05 repository due to multiple security issues. VERSION 3.3.0-2 = 3.8.0-2 CHANGELOG Wed, 2 Mar 2016 10:01:48 +0000 cb7a26c Cyassl: disable Intel ASM for now With ASM support enabled, CyaSSL fails to build on all x86...
CVE-2015-6925
CVE-2015-6925 affects wolfSSL (formerly CyaSSL) prior to 3.6.8. A remote attacker can cause a denial of service by sending a crafted DTLS cookie in a ClientHello, leading to resource consumption or traffic amplification. Public postings and vendor advisories confirm the vulnerability exists in ol...