Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 490451 (CVE-2013-5914)

Summary: <net-libs/polarssl-1.2.5 : Buffer overflow, code execution (CVE-2013-5914)
Product: Gentoo Security Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal    
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B2 [glsa]
Package list:
Runtime testing required: ---

Description GLSAMaker/CVETool Bot gentoo-dev 2013-11-05 02:37:15 UTC 
CVE-2013-5914 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5914):
  Buffer overflow in the ssl_read_record function in ssl_tls.c in PolarSSL
  before 1.1.8, when using TLS 1.1, might allow remote attackers to execute
  arbitrary code via a long packet.
Comment 1 Chris Reffett (RETIRED) gentoo-dev Security 2013-11-05 02:37:58 UTC 
Was filed just for tracking, affected version long gone and GLSA released recently.