Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-3967-1:850A8
HistorySep 08, 2017 - 6:40 p.m.

[SECURITY] [DSA 3967-1] mbedtls security update

2017-09-0818:40:37
lists.debian.org
11

EPSS

0.007

Percentile

80.6%

JSON

Debian Security Advisory DSA-3967-1 [email protected]
https://www.debian.org/security/ Salvatore Bonaccorso
September 08, 2017 https://www.debian.org/security/faq

Package : mbedtls
CVE ID : CVE-2017-14032
Debian Bug : 873557

An authentication bypass vulnerability was discovered in mbed TLS, a
lightweight crypto and SSL/TLS library, when the authentication mode is
configured as 'optional'. A remote attacker can take advantage of this
flaw to mount a man-in-the-middle attack and impersonate an intended
peer via an X.509 certificate chain with many intermediates.

For the stable distribution (stretch), this problem has been fixed in
version 2.4.2-1+deb9u1.

For the testing distribution (buster), this problem has been fixed
in version 2.6.0-1.

For the unstable distribution (sid), this problem has been fixed in
version 2.6.0-1.

We recommend that you upgrade your mbedtls packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian9mipsellibmbedcrypto0< 2.4.2-1+deb9u1libmbedcrypto0_2.4.2-1+deb9u1_mipsel.deb
Debian9i386libmbedtls-dev< 2.4.2-1+deb9u1libmbedtls-dev_2.4.2-1+deb9u1_i386.deb
Debian9i386libmbedx509-0-dbgsym< 2.4.2-1+deb9u1libmbedx509-0-dbgsym_2.4.2-1+deb9u1_i386.deb
Debian9mipsellibmbedx509-0< 2.4.2-1+deb9u1libmbedx509-0_2.4.2-1+deb9u1_mipsel.deb
Debian9armellibmbedtls10< 2.4.2-1+deb9u1libmbedtls10_2.4.2-1+deb9u1_armel.deb
Debian9s390xlibmbedcrypto0-dbgsym< 2.4.2-1+deb9u1libmbedcrypto0-dbgsym_2.4.2-1+deb9u1_s390x.deb
Debian9s390xlibmbedx509-0< 2.4.2-1+deb9u1libmbedx509-0_2.4.2-1+deb9u1_s390x.deb
Debian9ppc64ellibmbedx509-0-dbgsym< 2.4.2-1+deb9u1libmbedx509-0-dbgsym_2.4.2-1+deb9u1_ppc64el.deb
Debian9arm64libmbedcrypto0< 2.4.2-1+deb9u1libmbedcrypto0_2.4.2-1+deb9u1_arm64.deb
Debian9s390xlibmbedtls10-dbgsym< 2.4.2-1+deb9u1libmbedtls10-dbgsym_2.4.2-1+deb9u1_s390x.deb
Rows per page:
1-10 of 721

Related

ubuntucve 1
nessus 4
fedora 2
mageia 1
cvelist 1
osv 3
prion 1
debiancve 1
nvd 1
openvas 4
debian 1
alpinelinux 1
cve 1
ubuntucve
ubuntucve
CVE-2017-14032
2017-08-30 00:00:00
nessus
nessus
Fedora 26 : mbedtls (2017-382c240580)
2017-09-05 00:00:00
openSUSE Security Update : mbedtls (openSUSE-2017-1156)
2017-10-23 00:00:00
Fedora 25 : mbedtls (2017-3abea58794)
2017-09-11 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: mbedtls-2.6.0-1.fc25
2017-09-10 04:53:44
[SECURITY] Fedora 26 Update: mbedtls-2.6.0-1.fc26
2017-09-02 22:27:02
mageia
mageia
Updated mbedtls packages fix security vulnerability
2018-01-03 17:22:14
cvelist
cvelist
CVE-2017-14032
2017-08-30 20:00:00
osv
osv
CVE-2017-14032
2017-08-30 20:29:00
mbedtls - security update
2017-09-08 00:00:00
libmbedcrypto7-2.27.0-1.2 on GA media
2024-06-15 00:00:00
prion
prion
Authentication flaw
2017-08-30 20:29:00
debiancve
debiancve
CVE-2017-14032
2017-08-30 20:29:00
nvd
nvd
CVE-2017-14032
2017-08-30 20:29:00
openvas
openvas
Fedora Update for mbedtls FEDORA-2017-3abea58794
2017-09-10 00:00:00
Mageia: Security Advisory (MGASA-2018-0038)
2022-01-28 00:00:00
Fedora Update for mbedtls FEDORA-2017-382c240580
2017-09-04 00:00:00
debian
debian
[SECURITY] [DSA 3967-1] mbedtls security update
2017-09-08 18:40:37
alpinelinux
alpinelinux
CVE-2017-14032
2017-08-30 20:29:00
cve
cve
CVE-2017-14032
2017-08-30 20:29:00

EPSS

0.007

Percentile

80.6%

JSON
Related for DEBIAN:DSA-3967-1:850A8
ubuntucve1nessus4fedora2mageia1cvelist1osv3prion1debiancve1nvd1openvas4debian1alpinelinux1cve1