drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in PolarSSL
Name: |
Denial of Service in PolarSSL |
|
ID: |
DSA-3116-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian sid, Debian wheezy |
|
Datum: |
Di, 30. Dezember 2014, 08:39 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8628 |
|
Applikationen: |
mbed TLS |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
- ------------------------------------------------------------------------- Debian Security Advisory DSA-3116-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff December 30, 2014 http://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : polarssl CVE ID : CVE-2014-8628
It was discovered that a memory leak in parsing X.509 certificates may result in denial of service.
For the stable distribution (wheezy), this problem has been fixed in version 1.2.9-1~deb7u4.
For the upcoming stable distribution (jessie), this problem has been fixed in version 1.3.9-1.
For the unstable distribution (sid), this problem has been fixed in version 1.3.9-1.
We recommend that you upgrade your polarssl packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBAgAGBQJUof1xAAoJEBDCk7bDfE42TrkP/A7Iw+HG6yaSV3DZ4THEAesN sMApQQT2IyQ/YjxZ+RGKCgowQiiO+eVVYBjM4v0SafIKWHlcvsPIjMXqDHGR6+Dz gzUAQ1vHBiWw5gI7Ix7dv8jgV0s2yKaSr6YTLBzDbNX6AmUCIaXbZgKe7wTSAf2u 5kuSoPXb+Vf9I08md6hFbEPvEJfnTZFaqiXl+2nRX2NzDBQGQXzyBbr7aPz06+nl EVE20HClcKqjusCVaB4KCc9if1D3PswxgbdLIpg0BvVfO7ZugZeaZ4A1QHUVUxm0 m4FxAVDXcmQDBIlgKScT/0tgjUOElpVGGjoE4m6tM3gqULVCdw1NPxJm9vd8sglm 462aYOB75hHrKqyR37h6/1t+3dpt9tq1V8ZY931CucnbEnq3xWSkkIKXkFMMIN7R asXGNanoLVwkLwF5oylqy+asCHW66m00rJmet4b1ZjKNCIdGD7z/QjCymNWXg7Ya rXtQn7w7qAlijiNPsvnQnh4Rd1QeNYuqpZ7prYvRfcafhPHX1DwQFR3zSnzMxqL6 UNyjOiO4ZWRIWUPJYtGh8j7OnXTlBaRWibzUCSoYE83kvM0lPC/MLy5RQ2BripaO Ik7n++UFVGKtW6wbSI8qLB5H5MOWRl78d8J6Yt7hUcHX/at9+dczbq+h5guXXJwX l78i+xR59Y4GHHoaUiEN =6w3n -----END PGP SIGNATURE-----
-- To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org Archive: https://lists.debian.org/20141230011954.GA11404@pisco.westfalen.local
|
|
|
|