PolarSSL 1.2.11 has been released!
This release is a back-port of all bug fixes and security fixes that are in the 1.3 branch and are relevant for the 1.2 branch.
Most important are the security fixes that have been back-ported to the 1.2 branch. PolarSSL 1.2.11 fixes the following security issues for 1.2 branch users:
- Forbid a change of server certificate during renegotiation to prevent the so-called "triple handshake" attack when authentication mode is optional (the attack was already impossible when authentication is required).
- Check the notBefore timestamp of certificates and CRLs to detect ones dated in the future.
- Forbid sequence number wrapping.
- Prevent potential NULL pointer dereference in ssl_read_record() (found by TrustInSoft).
- Fix length checking for AEAD ciphersuites (found by Codenomicon Defensics toolkit). It was possible to crash the server (and client) using crafted messages when a GCM suite was chosen.
Details on all the bug fixes can be found in the ChangeLog.
Who should update
We advise users of PolarSSL to update if they:
- use any branch other than the 1.3 branch.
Get your copy here: polarssl-1.2.11-gpl.tgz
The hashes for polarssl-1.2.11-gpl.tgz are:
SHA-1  : 40cb3a833245273946c2075e6c948bbcda8a1be9
SHA-256: b3e9d059c687980976b468d8260f658e9003aede1dbc4a918526e90abdaa7d75