Your message dated Fri, 18 Jul 2014 18:47:09 +0000
with message-id <[email protected]>
and subject line Bug#754655: fixed in polarssl 1.2.9-1~deb7u3
has caused the Debian Bug report #754655,
regarding polarssl: CVE-2014-4911: Denial of Service against GCM enabled
servers and clients
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
754655: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=754655
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: polarssl
Version: 1.3.7-2
Severity: critical
Tags: security, fixed-upstream
Please see for details:
https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-02
---
Henri Salo
signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
Source: polarssl
Source-Version: 1.2.9-1~deb7u3
We believe that the bug you reported is fixed in the latest version of
polarssl, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <[email protected]> (supplier of updated polarssl package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 15 Jul 2014 06:39:38 +0200
Source: polarssl
Binary: libpolarssl-dev libpolarssl-runtime libpolarssl0
Architecture: source amd64
Version: 1.2.9-1~deb7u3
Distribution: wheezy-security
Urgency: high
Maintainer: Roland Stigge <[email protected]>
Changed-By: Salvatore Bonaccorso <[email protected]>
Description:
libpolarssl-dev - lightweight crypto and SSL/TLS library
libpolarssl-runtime - lightweight crypto and SSL/TLS library
libpolarssl0 - lightweight crypto and SSL/TLS library
Closes: 754655
Changes:
polarssl (1.2.9-1~deb7u3) wheezy-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Add CVE-2014-4911.patch patch.
CVE-2014-4911: Fix Denial of Service against GCM enabled servers (and
clients). (Closes: #754655)
Checksums-Sha1:
8bb1dc2b57b172f41e89d814349b11d86c4bfbf7 1827 polarssl_1.2.9-1~deb7u3.dsc
dfdf34be655bf9ea8a7f066bb5ad0222fbd5d85f 9176
polarssl_1.2.9-1~deb7u3.debian.tar.gz
6142e33191c5c13aa23b6715cfef341f8f4d1dd6 275988
libpolarssl-dev_1.2.9-1~deb7u3_amd64.deb
521ace7040e14f4bd7a108610977ba9d8e50c5db 2789942
libpolarssl-runtime_1.2.9-1~deb7u3_amd64.deb
cda61e86ed8cf00950a624790f0b5c7f6a58d5d9 185898
libpolarssl0_1.2.9-1~deb7u3_amd64.deb
Checksums-Sha256:
da3e74f422d69b6fc4af71c11ec41ad0d02cbcc70b1f93b0eb5dce5bff5c9757 1827
polarssl_1.2.9-1~deb7u3.dsc
20bec0c3823a86e621d5cfc7049fd04d64c837d86dcd82887ff4921d6414a77e 9176
polarssl_1.2.9-1~deb7u3.debian.tar.gz
78ac0be0a83c91a6a33387cad3a30eca0c055fcc444d377b6223a3d73211ee2e 275988
libpolarssl-dev_1.2.9-1~deb7u3_amd64.deb
caedcafb67ca7a712db289271101f7ece58032617302ccf0c5c496ec633ba3be 2789942
libpolarssl-runtime_1.2.9-1~deb7u3_amd64.deb
fc4867fba95939a83a0f066d9bbdc3765769cd81b01621ef5a65340730de9638 185898
libpolarssl0_1.2.9-1~deb7u3_amd64.deb
Files:
262f9d7fc4330e8a1866a9afa277422b 1827 libs optional polarssl_1.2.9-1~deb7u3.dsc
ff1db42de9c1058f3e2761c0c7de5853 9176 libs optional
polarssl_1.2.9-1~deb7u3.debian.tar.gz
708dc82dc2aa952af0dd8fe5a1c9932c 275988 libdevel optional
libpolarssl-dev_1.2.9-1~deb7u3_amd64.deb
6080663c793046bd5bf6a4c9491be7b4 2789942 libdevel optional
libpolarssl-runtime_1.2.9-1~deb7u3_amd64.deb
74c4117e3fb10ddb73c162bea93fe3d7 185898 libs optional
libpolarssl0_1.2.9-1~deb7u3_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJTxYiQAAoJEAVMuPMTQ89E7YAP/iKZ6UBbI+uLFkq1pweiXoTS
FzEfl9E97PXzcTvpkqLw9c8Y19idAGBXzegggjBFNYLZAsxkpc+27NcNarj7hNYD
/cf/LJCNU2A47ykhc5bsZmX0T8fMg9LCz9AOB86mDPswEGxXX7py5xcURmJDX5l1
himT5ig8tYMoTXYXjY6fLA+GwULba7Ke8HUUrFoXNkCHnm23Ba4iMBCavr8oRkow
nWc7Wjoowui5o/8Y7WDHcZe9cOSuMxHKmzv2Wd1d+/sceeQwE954bpOQnEOh8kn3
GPyMZXAAycqsFvxfoJMvCzBL3yWFB1OmDq63Alkvm6AXuj7iz1SiXVWi+7c11YJe
k2UubGUkqzANZXfxZWm2th7HO7q+60THFMiRW9IM7XU0ZBNZUy+sewwmyNrrrgua
kBCI3OMJDUuvy5nrWHk8jJSVVkLXUx1pBEuRM6l9QPDAEgd2xfV/TMzLAg2GFn4K
5enWbXQeusACVOyNZs2HP0sIM6wdwTHtDJ7IleFAyK30d27falSe6oXcpttkUj97
C+cOeeQnYdtUQvwWzlMdy9Fi7HBZoRN42PYUnup1sHVOXPSWWCU7d2nKY2kFRciH
2QMnEMbB+9zyipA84cwXdLJB7iIRJPfzLgZO2XKAETviaQvzYdoo46wjKIY8+7GK
JVn+WSTgskXhLMD5mnqD
=nZVC
-----END PGP SIGNATURE-----
--- End Message ---
