Updated polarssl & hiawatha packages fix security vulnerabilitiesPublication date: 05 May 2015
Affected Mageia releases : 4
Updated hiawatha package fixes security vulnerabilities: The hiawatha package included a bundled copy of PolarSSL 1.3.2, which was vulnerable to several security issues that had already been fixed in the system polarssl package. These issues were CVE-2014-4911, CVE-2014-8627, CVE-2014-8628, and CVE-2015-1182, which were fixed in MGASA-2014-0315, MGASA-2014-0481, and MGASA-2015-0055. The polarssl package has been adjusted so that hiawatha can use it, and hiawatha has been rebuilt to use the updated system polarssl, fixing these issues.