VDB

GCVE-110-MAGEIA-2014-256

GCVE-110-MAGEIA-2014-256
Advisory Published
Vulnetix · Advisory published June 6, 2014
Update to version 0.2.4.22 which solves these major and security problems: - Block authority signing keys that were used on authorities vulnerable to the "heartbleed" bug in OpenSSL (CVE-2014-0160). - Fix a memory leak that could occur if a microdescriptor parse fails during the tokenizing step. - The relay ciphersuite list is now generated automatically based on uniform criteria, and includes all OpenSSL ciphersuites with acceptable strength and forward secrecy. - Relays now trust themselves to have a better view than clients of which TLS ciphersuites are better than others. - Clients now try to advertise the same list of ciphersuites as Firefox 28. For other changes see the upstream change log

Affected Products

VendorProductVersionsPlatforms
Mageiator0 (affected), 0.2.4.22-1.mga4 (unaffected)
Mageiator0 (affected), 0.2.4.22-1.mga3 (unaffected)

Browse GCVE Records

73,196 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›