it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Moritz Muehlenhoff <jmm AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 3116-1] polarssl security update
- Date: Tue, 30 Dec 2014 02:19:54 +0100
- List-archive: <https://service.piratenpartei.de/pipermail/it-securitynotifies>
- List-id: Sicherheitsankündigungen <it-securitynotifies.lists.piratenpartei.de>
- Old-return-path: <jmm AT inutil.org>
- Priority: urgent
- Resent-date: Tue, 30 Dec 2014 01:20:15 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <Rr-4HdJOlPJ.A.b0.P3foUB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- -------------------------------------------------------------------------
Debian Security Advisory DSA-3116-1 security AT debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
December 30, 2014 http://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : polarssl
CVE ID : CVE-2014-8628
It was discovered that a memory leak in parsing X.509 certificates may
result in denial of service.
For the stable distribution (wheezy), this problem has been fixed in
version 1.2.9-1~deb7u4.
For the upcoming stable distribution (jessie), this problem has been
fixed in version 1.3.9-1.
For the unstable distribution (sid), this problem has been fixed in
version 1.3.9-1.
We recommend that you upgrade your polarssl packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBAgAGBQJUof1xAAoJEBDCk7bDfE42TrkP/A7Iw+HG6yaSV3DZ4THEAesN
sMApQQT2IyQ/YjxZ+RGKCgowQiiO+eVVYBjM4v0SafIKWHlcvsPIjMXqDHGR6+Dz
gzUAQ1vHBiWw5gI7Ix7dv8jgV0s2yKaSr6YTLBzDbNX6AmUCIaXbZgKe7wTSAf2u
5kuSoPXb+Vf9I08md6hFbEPvEJfnTZFaqiXl+2nRX2NzDBQGQXzyBbr7aPz06+nl
EVE20HClcKqjusCVaB4KCc9if1D3PswxgbdLIpg0BvVfO7ZugZeaZ4A1QHUVUxm0
m4FxAVDXcmQDBIlgKScT/0tgjUOElpVGGjoE4m6tM3gqULVCdw1NPxJm9vd8sglm
462aYOB75hHrKqyR37h6/1t+3dpt9tq1V8ZY931CucnbEnq3xWSkkIKXkFMMIN7R
asXGNanoLVwkLwF5oylqy+asCHW66m00rJmet4b1ZjKNCIdGD7z/QjCymNWXg7Ya
rXtQn7w7qAlijiNPsvnQnh4Rd1QeNYuqpZ7prYvRfcafhPHX1DwQFR3zSnzMxqL6
UNyjOiO4ZWRIWUPJYtGh8j7OnXTlBaRWibzUCSoYE83kvM0lPC/MLy5RQ2BripaO
Ik7n++UFVGKtW6wbSI8qLB5H5MOWRl78d8J6Yt7hUcHX/at9+dczbq+h5guXXJwX
l78i+xR59Y4GHHoaUiEN
=6w3n
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST AT lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster AT lists.debian.org
Archive: https://lists.debian.org/20141230011954.GA11404 AT pisco.westfalen.local
- [IT-SecNots] [SECURITY] [DSA 3116-1] polarssl security update, Moritz Muehlenhoff, 30.12.2014
Archiv bereitgestellt durch MHonArc 2.6.19.