Advisories ยป MGASA-2015-0185

Updated polarssl & hiawatha packages fix security vulnerabilities

Publication date: 05 May 2015
Type: security
Affected Mageia releases : 4


Updated hiawatha package fixes security vulnerabilities:

The hiawatha package included a bundled copy of PolarSSL 1.3.2, which was
vulnerable to several security issues that had already been fixed in the
system polarssl package.  These issues were CVE-2014-4911, CVE-2014-8627,
CVE-2014-8628, and CVE-2015-1182, which were fixed in MGASA-2014-0315,
MGASA-2014-0481, and MGASA-2015-0055.

The polarssl package has been adjusted so that hiawatha can use it, and
hiawatha has been rebuilt to use the updated system polarssl, fixing these