Debian Security Advisory

DLA-331-1 polarssl -- LTS security update

Date Reported:
22 Oct 2015
Affected Packages:
Security database references:
In Mitre's CVE dictionary: CVE-2015-5291.
More information:

A flaw was found in PolarSSl and mbed TLS:

When the client creates its ClientHello message, due to insufficient bounds checking it can overflow the heap-based buffer containing the message while writing some extensions. Two extensions in particular could be used by a remote attacker to trigger the overflow: the session ticket extension and the server name indication (SNI) extension.

Although most of the vulnerable code is not present in the Squeeze version, this upload contains at least a length check for incoming data.