Wind River Support Network

HomeDefectsLIN7-4660

Fixed

LIN7-4660 : Security Advisory - polarssl - CVE-2014-8627

Created: Aug 31, 2015 Updated: Sep 8, 2018

Resolved Date: Sep 17, 2015

Found In Version: 7.0.0.8

Fix Version: 7.0.0.10

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Userspace

Description

PolarSSL 1.3.8 does not properly negotiate the signature algorithm to use, which allows remote attackers to conduct downgrade attacks via unspecified vectors. 

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8627

Other Downloads

Wind River Linux 7.0.0.14
Wind River Linux 7.0.0.15
Wind River Linux 7.0.0.16
Wind River Linux 7.0.0.17
Wind River Linux 7.0.0.18
Wind River Linux 7.0.0.19
Wind River Linux 7.0.0.20
Wind River Linux 7.0.0.21
Wind River Linux 7.0.0.22
Wind River Linux 7.0.0.23
Wind River Linux 7.0.0.24
Wind River Linux 7.0.0.25
Wind River Linux 7.0.0.26
Wind River Linux 7.0.0.27
Wind River Linux 7.0.0.28
Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31

CVEs

CVE-2014-8627