Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 573
Alerts This Week
Warning Icon 1 573

Fedora 22: 2015-7f939b3af5 Critical: mbedtls Remote Code Execution Fix

fedora
Calendar Grey October 23, 2015
Dist Fedora Esm H88
OpenSSL security patch resolves CVE-2018-0732 for Ubuntu 20.04, enhancing encryption library integrity for users.
- Update to 1.3.14 - CVE-2015-5291 Release notes: https://www.trustedfirmware.org/projects/mbed-tls/ Security notes:

Summary

Mbed TLS is a light-weight open source cryptographic and SSL/TLS

library written in C. Mbed TLS makes it easy for developers to include

cryptographic and SSL/TLS capabilities in their (embedded)

applications with as little hassle as possible.

FOSS License Exception:

Update Information:

- Update to 1.3.14 - CVE-2015-5291 Release notes: Security

Change Log

References


[ 1 ] Bug #1270170 - CVE-2015-5291 polarssl: mbedtls: crash or remote code execution on clients using session tickets or SNI https://bugzilla.redhat.com/show_bug.cgi?id=1270170

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update mbedtls' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: mbedtls
Product: Fedora 22
Version: 1.3.14
Release: 1.fc22
Summary: Light-weight cryptographic and SSL/TLS library

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.