From ${URL} :

Description

Multiple vulnerabilities have been reported in CyaSSL, where multiple have an unknown impact and another one can be exploited to potentially compromise a vulnerable system.

1) An unspecified error exists, which can be exploited to cause memory corruption. No further information is currently available. Successful exploitation of this vulnerability may allow execution of arbitrary code.

2) A NULL pointer dereference error exists. No further information is currently available.

3) An out-of-bounds memory read error exists. No further information is currently available.

4) An unspecified error related to X.509 unknown certificate extensions exists. No further information is currently available.

The vulnerabilities are reported in versions prior to 2.9.4.

Solution: Update to version 2.9.4.

Provided and/or discovered by: The vendor credits:
1-3) Ivan Fratric, Google Security Team.
4) Suman Jana with security researchers at UT Austin and UC Davis.

Original Advisory:
http://www.wolfssl.com/yaSSL/Docs-cyassl-changelog.html
http://www.yassl.com/forums/topic539-cyassl-294-released.html

@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
CVE-2014-2900 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2900): wolfSSL CyaSSL before 2.9.4 does not properly validate X.509 certificates with unknown critical extensions, which allows man-in-the-middle attackers to spoof servers via a crafted X.509 certificate.

CVE-2014-2899 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2899): wolfSSL CyaSSL before 2.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via (1) a request for the peer certificate when a certificate parsing failure occurs or (2) a client_key_exchange message when the ephemeral key is not found.
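For reference on CVE-2014-2900: RFC 5280 section 4.2 requires a certificate-using system to reject a certificate that carries a critical extension it does not recognize. The following is an added example, not CyaSSL code and not part of the original comments; it walks a DER-encoded Extensions value and applies that rule. The function names, the two-entry list of recognized extensions and the sample byte arrays are assumptions made for illustration.

```c
#include <stddef.h>

/* Read one DER tag/length header; on success *p points at the value bytes. */
static int tlv(const unsigned char **p, const unsigned char *end,
               unsigned char *tag, size_t *len) {
    if (end - *p < 2) return -1;
    *tag = *(*p)++;
    size_t l = *(*p)++;
    if (l & 0x80) {                       /* long form, at most 2 length bytes */
        size_t n = l & 0x7f;
        if (n == 0 || n > 2 || (size_t)(end - *p) < n) return -1;
        for (l = 0; n--; ) l = (l << 8) | *(*p)++;
    }
    if ((size_t)(end - *p) < l) return -1;
    *len = l; return 0;
}

/* Assumption: this hypothetical verifier processes only keyUsage (2.5.29.15)
   and basicConstraints (2.5.29.19). */
static int known(const unsigned char *oid, size_t n) {
    return n == 3 && oid[0] == 0x55 && oid[1] == 0x1d &&
           (oid[2] == 0x0f || oid[2] == 0x13);
}

/* 0 = acceptable, 1 = unrecognized critical extension (reject), -1 = malformed. */
int check_extensions(const unsigned char *der, size_t n) {
    const unsigned char *p = der, *end = der + n, *q, *ext_end, *oid;
    unsigned char tag; size_t len, oid_len; int critical;
    if (tlv(&p, end, &tag, &len) || tag != 0x30 || p + len != end) return -1;
    while (p < end) {
        if (tlv(&p, end, &tag, &len) || tag != 0x30) return -1;
        q = p; ext_end = p + len; p = ext_end;
        if (tlv(&q, ext_end, &tag, &len) || tag != 0x06) return -1;  /* extnID */
        oid = q; oid_len = len; q += len; critical = 0;
        if (tlv(&q, ext_end, &tag, &len)) return -1;
        if (tag == 0x01) {                /* critical BOOLEAN DEFAULT FALSE */
            if (len != 1) return -1;
            critical = (*q++ != 0);
            if (tlv(&q, ext_end, &tag, &len)) return -1;
        }
        if (tag != 0x04 || q + len != ext_end) return -1;            /* extnValue */
        if (critical && !known(oid, oid_len)) return 1;
    }
    return 0;
}

/* Constructed sample Extensions values (not taken from any real certificate). */
const unsigned char EXT_KNOWN_CRIT[] = {0x30,0x11, 0x30,0x0f, 0x06,0x03,0x55,0x1d,0x13,
    0x01,0x01,0xff, 0x04,0x05,0x30,0x03,0x01,0x01,0xff};
const unsigned char EXT_UNKNOWN_CRIT[] = {0x30,0x0e, 0x30,0x0c, 0x06,0x03,0x2a,0x03,0x04,
    0x01,0x01,0xff, 0x04,0x02,0x05,0x00};
const unsigned char EXT_UNKNOWN_NONCRIT[] = {0x30,0x0b, 0x30,0x09, 0x06,0x03,0x2a,0x03,0x04,
    0x04,0x02,0x05,0x00};
```

An unknown extension that is not marked critical is accepted and ignored; only the combination of critical and unrecognized causes rejection.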
I'm in the process of tree cleaning this, bug #495848
It's off the tree. This bug is no longer relevant and you can close it.
(In reply to Anthony Basile from comment #3)
> It's off the tree. This bug is no longer relevant and you can close it.

No. We should make a removal GLSA.
This issue was resolved and addressed in GLSA 201612-53 at https://security.gentoo.org/glsa/201612-53 by GLSA coordinator Thomas Deutschmann (whissi).