CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
EPSS
Percentile
92.3%
Updated hiawatha package fixes security vulnerabilities: The hiawatha package included a bundled copy of PolarSSL 1.3.2, which was vulnerable to several security issues that had already been fixed in the system polarssl package. These issues were CVE-2014-4911, CVE-2014-8627, CVE-2014-8628, and CVE-2015-1182, which were fixed in MGASA-2014-0315, MGASA-2014-0481, and MGASA-2015-0055. The polarssl package has been adjusted so that hiawatha can use it, and hiawatha has been rebuilt to use the updated system polarssl, fixing these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 4 | noarch | polarssl | < 1.3.9-1.2 | polarssl-1.3.9-1.2.mga4 |
Mageia | 4 | noarch | hiawatha | < 9.3-1.1 | hiawatha-9.3-1.1.mga4 |