PolarSSL is now part of ARM Official announcement and rebranded as mbed TLS.

PolarSSL 1.2.14 released

Description

PolarSSL 1.2.14 has been released!

Note: Although PolarSSL has been renamed to mbed TLS, no changes reflecting this will be made in the 1.2 branch at this point.

This release is a back-port of all bug fixes and security fixes that are in the 1.3 branch and are relevant for the 1.2 branch.

Security

Most important are the security fixes that have been back-ported to the 1.2 branch. PolarSSL 1.2.14 fixes one remotely-triggerable issues that was found by the Codenomicon Defensics tool, one potential remote crash and countermeasures against the "Lucky 13 strikes back" cache-based attack.

Bug fixes

Fixes include:

  • Fix bug in Via Padlock support (found by Nikos Mavrogiannopoulos).
  • Fix hardclock() (only used in the benchmarking program) with some versions of mingw64 (found by kxjhlele).
  • Fix warnings from mingw64 in timing.c (found by kxjklele).
  • Fix potential unintended sign extension in asn1_get_len() on 64-bit platforms (found with Coverity Scan).

Who should update

We advise users of PolarSSL to update if they:

  • use any branch other than the 1.3 branch.

Download links

Get your copy here: polarssl-1.2.14-gpl.tgz

Hashes

The hashes for polarssl-1.2.14-gpl.tgz are:

SHA-1  : d04601b06aadfa15b581e1d741eda6222baa99a2
SHA-256: d7cbd8314aa3a5441f6282d13d07df610f49b4bc678088b04188adf093d17d37

Like this?

Section:
Releases

Author:


Published:


Last updated:
Jun 26, 2015

Sharing:


Want to stay up to date?