PolarSSL is now part of ARM Official announcement and rebranded as mbed TLS.

PolarSSL 1.2.15 and mbed TLS 1.3.12 released

Description

The maintenance releases polarssl-1.2.15 and mbedtls-1.3.12 for respectively the 1.2 and 1.3 branch have been released.

These releases are mainly fixing a number of outstanding issues and security fixes that have been back-ported from the 2.0 branch.

Security

In order to strengthen the minimum requirements for connections and to protect against the Logjam attack, the minimum size of Diffie-Hellman parameters accepted by the client has been increased to 1024 bits.

In addition the default size for the Diffie-Hellman parameters on the server are increased to 2048 bits. This can be changed with ssl_set_dh_params() in case this is necessary.

Changes

Changes in this release include:

  • Add SSL_MIN_DHM_BYTES configuration parameter in config.h to choose the minimum size of Diffie-Hellman parameters accepted by the client.
  • The PEM parser now accepts a trailing space at end of lines.

Bug fixes

Fixes include:

  • Fix thread-safety issue in SSL debug module (found by Edwin van Vliet).
  • Some example programs were not built using make, not included in Visual Studio projects (found by Kristian Bendiksen).
  • Fix build error with CMake and pre-4.5 versions of GCC (found by Hugo Leisink).
  • Fix missing -static-ligcc when building shared libraries for Windows with make.
  • Fix compile error with armcc5 --gnu.

More details can be found in the ChangeLog.

Who should update

We advise users of mbed TLS (and PolarSSL) to update when relying on Diffie-Hellman key exchanges.

Download links

Get your copy here:

Hashes

The hashes for mbedtls-1.3.12-gpl.tgz are:

SHA-1  : 8d47de89f3e9cd54c099a9ecea32321a9b81ad66
SHA-256: d2ef3d5d749d8dd484c8057526f7b404a9155e74cb7bdf1316a927c7a1035871

The hashes for polarssl-1.2.15-gpl.tgz are:

SHA-1  : b1da505ce79637a49e29d12a6beb2c1f74d84a72
SHA-256: cf35b0ec818c2543027ff69c65ca6ac8a0c268cbd698da863479266af0ace344

Like this?

Section:
Releases

Author:


Published:


Last updated:
Aug 11, 2015

Sharing:


Want to stay up to date?

To sign up for Mbed TLS news, log in to or create an Mbed account and update your marketing preferences.