[Secure-testing-team] Bug#725359: polarssl: CVE-2013-5914 CVE-2013-5915
Moritz Muehlenhoff
jmm at inutil.org
Fri Oct 4 14:01:11 UTC 2013
Package: polarssl
Severity: grave
Tags: security
Justification: user security hole
https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2013-04
https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2013-05
CVE-2013-5915 doesn't sound backportable. Since polarssl has no reverse deps in Wheezy
I suggest we update stable to 1.2.9. What do you think?
Cheers,
Moritz
More information about the Secure-testing-team
mailing list