Your message dated Tue, 15 Jul 2014 21:40:27 +0000
with message-id <[email protected]>
and subject line Bug#754655: fixed in polarssl 1.3.7-2.1
has caused the Debian Bug report #754655,
regarding polarssl: CVE-2014-4911: Denial of Service against GCM enabled
servers and clients
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
754655: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=754655
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: polarssl
Version: 1.3.7-2
Severity: critical
Tags: security, fixed-upstream
Please see for details:
https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-02
---
Henri Salo
signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
Source: polarssl
Source-Version: 1.3.7-2.1
We believe that the bug you reported is fixed in the latest version of
polarssl, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <[email protected]> (supplier of updated polarssl package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 15 Jul 2014 21:39:13 +0200
Source: polarssl
Binary: libpolarssl-dev libpolarssl-runtime libpolarssl6
Architecture: source amd64
Version: 1.3.7-2.1
Distribution: unstable
Urgency: high
Maintainer: Roland Stigge <[email protected]>
Changed-By: Salvatore Bonaccorso <[email protected]>
Description:
libpolarssl-dev - lightweight crypto and SSL/TLS library
libpolarssl-runtime - lightweight crypto and SSL/TLS library
libpolarssl6 - lightweight crypto and SSL/TLS library
Closes: 754655
Changes:
polarssl (1.3.7-2.1) unstable; urgency=high
.
* Non-maintainer upload with maintainers approval.
* Add CVE-2014-4911.patch patch.
CVE-2014-4911: Fix Denial of Service against GCM enabled servers (and
clients). (Closes: #754655)
Checksums-Sha1:
bb6334f6c287d5b51935e7678d5f5465292616b5 1833 polarssl_1.3.7-2.1.dsc
08747cdf22ec7d29c72e70e8f21cb11ee56be6be 5128 polarssl_1.3.7-2.1.debian.tar.xz
b5ca7466744676802e9a5fe144ebd6a58edb171b 314198
libpolarssl-dev_1.3.7-2.1_amd64.deb
28ab3c8459601c041283e4949c9b3db05904b01a 639174
libpolarssl-runtime_1.3.7-2.1_amd64.deb
051a1d53a188d8b15ca841cd424cc83c120dd9b0 220768
libpolarssl6_1.3.7-2.1_amd64.deb
Checksums-Sha256:
ed9c83ca0b51ce819c856879ddb5189aa58ba959c63553823525fe8fc497e3a7 1833
polarssl_1.3.7-2.1.dsc
4fbbb367acdb6dca497ae5d1d23623a4fbfa4ca4924f30d2e8d7cf0ff643a264 5128
polarssl_1.3.7-2.1.debian.tar.xz
d57a16921ed28b6fd82b3600f5a6b280f786fd80429a6626c37118399084aaab 314198
libpolarssl-dev_1.3.7-2.1_amd64.deb
8e44b8a0c7c5bfb7ad14b3840039625aee73e192e3c47bb85749ffaa644f5b82 639174
libpolarssl-runtime_1.3.7-2.1_amd64.deb
bd1915dcc68b5ebe932df2b098bcbc6b5c11811c67cd512f1112b45000743d15 220768
libpolarssl6_1.3.7-2.1_amd64.deb
Files:
8457734e76a0a0cd68f9d157d4dc6954 314198 libdevel optional
libpolarssl-dev_1.3.7-2.1_amd64.deb
e69b64eb46f280a64a0af294c66101b9 639174 libdevel optional
libpolarssl-runtime_1.3.7-2.1_amd64.deb
4e8f6a56781cb1649f6d9d74c39f4903 220768 libs optional
libpolarssl6_1.3.7-2.1_amd64.deb
8b132374e20420275e0b447e1891cfdd 1833 libs optional polarssl_1.3.7-2.1.dsc
aab8e5c9963c06846ee636c5eaeb6674 5128 libs optional
polarssl_1.3.7-2.1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJTxYYUAAoJEAVMuPMTQ89Ee3AP+QEblaf8YBtYlEOF/cqrCM8T
1X4Z1xhhwXmhnfk6kE1kZic/NiP0MwHIqU6/fkGFf923pZ8Zlc4PferlKgZ/6ZL+
KkG3L5fYqJ3OP/vll/UtvV5Sm77gVBFBHVzj01eOXAI+ylV84IuOdbOn2BVNY+o2
MfFtjFqLq1E0fAPusFb97B75qdfxJWt6A4Jj1h3yDt3eeqq06k4xAsTvwgdWAEww
Uo7UiFvjSr4/XyQkLKyaIWYcPPTv4AevsrHe6mc59FY5DWz6FI9L1FB4XftNqOV3
sqOQJRSrhze5qXHsAdXmlzJLYT0jMoynXbAHJea4Ob4ME7StFtLsr+Cof8N6jsBP
LtzRsBig6oQX6Kv8epH3vRo8jeeSOz7ILwg+9XP6ffeZnOoq04z1/D8DoS8K9NDW
9DSqm00o/4jMZdtnJGGlNgIXptaQNLCwZZBzdakCD+LoFA+AXFwKUCy/OipKipEE
eVMxy8O8tavrD73/7xYb/ET2dH6Ys4dw7b2gCjJs5nr9f+l+eC1kr2/3Lphq7Doi
MEmJlIs8uLLmpoe/nS26nSIPnIL8YyNGrGQLKiLltqzLJeJE9RJYWDIvG8f9MyIz
5khz1Dj20tQjtiIMi3yhDBNrCzlZh6WAe2RmMbO4gOJl0IwDj3ysj92vYL7Etjiw
oQsvndMkjRSCdrFQQZgf
=eH69
-----END PGP SIGNATURE-----
--- End Message ---
