Information on source package polarssl

Available versions

ReleaseVersion
squeeze (security)1.2.9-1~deb6u1
squeeze (lts)1.2.9-1~deb6u5
wheezy1.2.9-1~deb7u5
wheezy (security)1.2.9-1~deb7u6
jessie1.3.9-2.1
jessie (security)1.3.9-2.1+deb8u1

Open issues

BugsqueezewheezyjessieDescription
CVE-2014-3566vulnerable (no DSA)vulnerable (no DSA)fixedThe SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other ...

Open unimportant issues

BugsqueezewheezyjessieDescription
CVE-2011-3389vulnerablevulnerablevulnerableThe SSL protocol, as used in certain configurations in Microsoft ...

Resolved issues

BugDescription
CVE-2015-8036Heap-based buffer overflow in ARM mbed TLS (formerly PolarSSL) 1.3.x ...
CVE-2015-5291Heap-based buffer overflow in PolarSSL 1.x before 1.2.17 and ARM mbed ...
CVE-2015-1182The asn1_get_sequence_of function in library/asn1parse.c in PolarSSL ...
CVE-2014-9744Memory leak in PolarSSL before 1.3.9 allows remote attackers to cause ...
CVE-2014-8628Memory leak in PolarSSL before 1.2.12 and 1.3.x before 1.3.9 allows ...
CVE-2014-8627PolarSSL 1.3.8 does not properly negotiate the signature algorithm to ...
CVE-2014-4911The ssl_decrypt_buf function in library/ssl_tls.c in PolarSSL before ...
CVE-2013-5915The RSA-CRT implementation in PolarSSL before 1.2.9 does not properly ...
CVE-2013-5914Buffer overflow in the ssl_read_record function in ssl_tls.c in ...
CVE-2013-4623The x509parse_crt function in x509.h in PolarSSL 1.1.x before 1.1.7 ...
CVE-2013-1621Array index error in the SSL module in PolarSSL before 1.2.5 might ...
CVE-2013-0169The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as ...
CVE-2012-2130
CVE-2011-1923The Diffie-Hellman key-exchange implementation in dhm.c in PolarSSL ...
CVE-2009-3555The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as ...
CVE-2008-7129XySSL before 0.9 allows remote attackers to cause a denial of service ...
CVE-2008-7128The ssl_parse_client_key_exchange function in XySSL before 0.9 does ...

Security announcements

DSA / DLADescription
DSA-3468-1polarssl - security update
DSA-3468-1polarssl - security update
DLA-331-1polarssl - security update
DLA-144-1polarssl - security update
DSA-3136-1polarssl - security update
DLA-129-1polarssl - security update
DSA-3116-1polarssl - security update
DLA-36-1polarssl - security update
DSA-2981-1polarssl - security update
DSA-2782-1polarssl - several
DSA-2782-1polarssl - several
DSA-2622-1polarssl - several

Search for package or bug name: Reporting problems