Bug#775776: polarssl: CVE-2015-1182: Remote attack using crafted certificates -- patch for unstable and jessie

2015-01-21 Thread Salvatore Bonaccorso
Hi Roland, Attached would be the debdiff for the unstable upload (Note: I have *not* uploaded it to archive, nor yet to a delayed queue). Do you plan to do the upload yourself? (In case needed I can do the NMU too). Regards, Salvatore diff -Nru polarssl-1.3.9/debian/changelog polarssl-1.3.9/debia

Bug#775776: polarssl: CVE-2015-1182: Remote attack using crafted certificates

2015-01-21 Thread Salvatore Bonaccorso
Hi Roland, I have used the attached debdiff for preparing the wheezy-security update (not yet released though). Regards, Salvatore diff -Nru polarssl-1.2.9/debian/changelog polarssl-1.2.9/debian/changelog --- polarssl-1.2.9/debian/changelog 2014-12-30 00:56:22.0 +0100 +++ polarssl-1.2

Bug#775776: polarssl: CVE-2015-1182: Remote attack using crafted certificates

2015-01-19 Thread Salvatore Bonaccorso
Source: polarssl Version: 1.3.9-2 Severity: grave Tags: security upstream patch fixed-upstream Hi, the following vulnerability was published for polarssl. CVE-2015-1182[0]: Remote attack using crafted certificates If you fix the vulnerability please also make sure to include the CVE (Common Vul