MGASA-2014-0315

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2014-0315.html

Import Source

https://advisories.mageia.org/MGASA-2014-0315.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2014-0315

Upstream

CVE-2014-4911

Published

2014-08-05T20:08:48Z

Modified

2026-04-16T06:24:33.495764735Z

Summary

Updated polarssl packages fix security vulnerability

Details

A flaw was discovered in PolarSSL, a lightweight crypto and SSL/TLS library, which can be exploited by a remote unauthenticated attacker to mount a denial of service against PolarSSL servers that offer GCM ciphersuites. Potentially clients are affected too if a malicious server decides to execute the denial of service attack against its clients (CVE-2014-4911).

The pdns package has been rebuilt against the updated polarssl library.

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:3 / polarssl

Package

Name: polarssl
Purl: pkg:rpm/mageia/polarssl?arch=source&distro=mageia-3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.3.8-1.mga3

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2014-0315.json"

Mageia:3 / pdns

Package

Name: pdns
Purl: pkg:rpm/mageia/pdns?arch=source&distro=mageia-3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.3.1-1.3.mga3

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2014-0315.json"

Mageia:4 / polarssl

Package

Name: polarssl
Purl: pkg:rpm/mageia/polarssl?arch=source&distro=mageia-4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.3.8-1.mga4

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2014-0315.json"

Mageia:4 / pdns

Package

Name: pdns
Purl: pkg:rpm/mageia/pdns?arch=source&distro=mageia-4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.3.1-2.2.mga4

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2014-0315.json"