| Release | Version |
|---|---|
| stretch (security) | 2.4.2-1+deb9u3 |
| buster | 2.14.1-2 |
| sid | 2.14.1-2 |
| Bug | stretch | buster | sid | Description |
|---|---|---|---|---|
| CVE-2018-9989 | vulnerable (no DSA) | fixed | fixed | ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer ... |
| CVE-2018-9988 | vulnerable (no DSA) | fixed | fixed | ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer ... |
| CVE-2018-19608 | vulnerable | fixed | fixed | Arm Mbed TLS before 2.14.1, before 2.7.8, and before 2.1.17 allows a ... |
| Bug | stretch | buster | sid | Description |
|---|---|---|---|---|
| CVE-2018-1000520 | vulnerable | vulnerable | vulnerable | ARM mbedTLS version 2.7.0 and earlier contains a Ciphersuite Allows ... |
| CVE-2018-1000061 | vulnerable | vulnerable | vulnerable | ARM mbedTLS version development branch, 2.7.0 and earlier contains a ... |
| Bug | Description |
|---|---|
| CVE-2018-0498 | ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows ... |
| CVE-2018-0497 | ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows ... |
| CVE-2018-0488 | ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0, when the ... |
| CVE-2018-0487 | ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0 allows ... |
| CVE-2017-2784 | An exploitable free of a stack pointer vulnerability exists in the ... |
| CVE-2017-18187 | In ARM mbed TLS before 2.7.0, there is a bounds-check bypass through an ... |
| CVE-2017-14032 | ARM mbed TLS before 1.3.21 and 2.x before 2.1.9, if optional ... |
| CVE-2015-8036 | Heap-based buffer overflow in ARM mbed TLS (formerly PolarSSL) 1.3.x ... |
| CVE-2015-5291 | Heap-based buffer overflow in PolarSSL 1.x before 1.2.17 and ARM mbed ... |
| DSA / DLA | Description |
|---|---|
| DSA-4296-1 | mbedtls - security update |
| DSA-4138-1 | mbedtls - security update |
| DSA-3967-1 | mbedtls - security update |