Information on source package polarssl

Available versions

ReleaseVersion
squeeze (security)1.2.9-1~deb6u1
squeeze (lts)1.2.9-1~deb6u4
wheezy1.2.9-1~deb7u4
wheezy (security)1.2.9-1~deb7u5
jessie1.3.9-2.1
stretch1.3.9-2.1
sid1.3.9-2.1

Open issues

BugsqueezewheezyjessiestretchsidDescription
CVE-2014-3566vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedThe SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other ...

Open unimportant issues

BugsqueezewheezyjessiestretchsidDescription
CVE-2011-3389vulnerablevulnerablevulnerablevulnerablevulnerableThe SSL protocol, as used in certain configurations in Microsoft ...

Resolved issues

BugDescription
CVE-2015-1182The asn1_get_sequence_of function in library/asn1parse.c in PolarSSL ...
CVE-2014-9744Memory leak in PolarSSL before 1.3.9 allows remote attackers to cause ...
CVE-2014-8628Memory leak in PolarSSL before 1.2.12 and 1.3.x before 1.3.9 allows ...
CVE-2014-8627PolarSSL 1.3.8 does not properly negotiate the signature algorithm to ...
CVE-2014-4911The ssl_decrypt_buf function in library/ssl_tls.c in PolarSSL before ...
CVE-2013-5915The RSA-CRT implementation in PolarSSL before 1.2.9 does not properly ...
CVE-2013-5914Buffer overflow in the ssl_read_record function in ssl_tls.c in ...
CVE-2013-4623The x509parse_crt function in x509.h in PolarSSL 1.1.x before 1.1.7 ...
CVE-2013-1621Array index error in the SSL module in PolarSSL before 1.2.5 might ...
CVE-2013-0169The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as ...
CVE-2012-2130
CVE-2011-1923The Diffie-Hellman key-exchange implementation in dhm.c in PolarSSL ...
CVE-2009-3555The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as ...
CVE-2008-7129XySSL before 0.9 allows remote attackers to cause a denial of service ...
CVE-2008-7128The ssl_parse_client_key_exchange function in XySSL before 0.9 does ...

Security announcements

DSA / DLADescription
DLA-144-1polarssl - security update
DSA-3136-1polarssl - security update
DLA-129-1polarssl - security update
DSA-3116-1polarssl - security update
DLA-36-1polarssl - security update
DSA-2981-1polarssl - security update
DSA-2782-1polarssl - several
DSA-2782-1polarssl - several
DSA-2622-1polarssl - several

Search for package or bug name: Reporting problems