Fedora has issued an advisory on September 11:
The issue is fixed upstream in version 1.2.8.
There is also an upstream advisory:
Mageia 3 is also affected.
Steps to Reproduce:
Whoops. There's more security fixes here...
CVE-2013-0169 - TLS and DTLS protocol issue (Lucky Thirteen)
CVE-2013-1621 - Out-of-bounds comparisons
1.2.8 has been submitted to cauldron.
1.2.8 has been submitted to mga3.
Advisory to come.
Oden, FYI the CVE entry for CVE-2013-1621 says it affects versions before 1.2.5. It could be wrong, as the CVE entries are sometimes.
Updated polarssl packages fix security vulnerability:
The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in
PolarSSL before 1.2.6, does not properly consider timing side-channel attacks
on a MAC check requirement during the processing of malformed CBC padding,
which allows remote attackers to conduct distinguishing attacks and plaintext-
recovery attacks via statistical analysis of timing data for crafted packets,
aka the "Lucky Thirteen" issue (CVE-2013-0169).
Array index error in the SSL module in PolarSSL before 1.2.6 might allow
remote attackers to cause a denial of service via vectors involving a crafted
padding-length value during validation of CBC padding in a TLS session
A third party can set up a SSL/TLS handshake with a server and send a
malformed Certificate handshake message that results in an infinite loop for
that connection. With a Man-in-the-Middle attack on a client, a third party
can trigger the same infinite loop on a client (CVE-2013-4623).
Updated packages in core/updates_testing:
Advisory 11275.adv committed to svn.
No poc, so just testing using polarssl-selftest.
Testing complete on Mageia 3 i586 and x86_64.
Someone from the sysadmin team please push 11275.adv to updates.