A vulnerability was discovered in PolarSSL, a lightweight crypto and
SSL/TLS library. A remote attacker could exploit this flaw using
specially crafted certificates to mount a denial of service against an
application linked against the library (application crash), or
potentially, to execute arbitrary code.
For Debian 6 Squeeze, these issues have been fixed in polarssl version 1.2.9-1~deb6u4