PolarSSL 1.2.9 released

Description

Changes

The x509_verify() function now matches the domain name given to it in cn in a case insensitive way as per RFC 6125 section 6.4.

Bug fixes

A number of small memory leaks and file descriptor leaks in uncommon situations have been fixed.

Security

A remote timing attack that can recover the RSA private key (Security Advisory 2013-05) has been fixed. Warning: the fix makes it impossible to use the same x509 certificate in multiple threads at the same time (which was possible before) or you have to disable CRT (POLARSSL_RSA_NO_CRT). The version in PolarSSL 1.3.0 is thread-safe.

A couple of possible local overflows have been fixed. Check the ChangeLog for more details.

Who should update

Our advice for users of the PolarSSL 1.2 branch is to update!

Download links

Get your copy here: polarssl-1.2.9-gpl.tgz

Hashes

The hashes for polarssl-1.2.9-gpl.tgz are:

SHA-1  : c870ba466ddf6a9fc3b62c57bf8a316c331f104b
SHA-256: d125a6e7eb6eb3e5110035df1469099c5463837b1ef734e60771095dafc0ef56

Like this?

Section:
Releases

Author:


Published:


Last updated:
Oct 3, 2013

Sharing:


Want to stay up to date?