PolarSSL is now part of ARM Official announcement and rebranded as mbed TLS.

PolarSSL 1.1.8 released

Description

Bug fixes

A number of small memory leaks and file descriptor leaks in uncommon situations have been fixed.

Security

A potential remote buffer overflow in ssl_read_record() that has been independently found by both TrustInSoft and Paul Brodeur of Leviathan Security Group) has been fixed in this release. More details can be found in Security Advisory 2013-04.

Who should update

Our advice for users of the PolarSSL 1.1 branch is to update!

SECURITY WARNING

This release is still vulnerable to a remote timing attack that can recover the RSA private key (Security Advisory 2013-05). Please update to PolarSSL 1.3.0 or PolarSSL 1.2.9 to mitigate this attack!

Download links

Get your copy here: polarssl-1.1.8-gpl.tgz

Hashes

The hashes for polarssl-1.1.8-gpl.tgz are:

SHA-1  : 618be4acfbfdfbf0a7f79bb7ca3945b54a8a4c91
SHA-256: ff128277e866549be9223135f6135c6ebb6fd4d57693f0896b5bf6b98d53d26f

Like this?

Section:
Releases

Author:


Published:


Last updated:
Oct 1, 2013

Sharing:


Want to stay up to date?