Debian Security Advisory DSA 4147-1 (polarssl - security update)

Several vulnerabilities were discovered in PolarSSL, a lightweight crypto and SSL/TLS library, that allowed a remote attacker to either cause a denial-of-service by application crash, or execute arbitrary code.

polarssl on Debian Linux

This check tests the installed software version using the apt package manager.

For the oldstable distribution (jessie), these problems have been fixed in version 1.3.9-2.1+deb8u3. We recommend that you upgrade your polarssl packages. For the detailed security status of polarssl please refer to its security tracker page linked in the references.