Upgrade of PolarSSL
Paul Bakker
bakker at fox-it.com
Tue Feb 22 16:48:20 UTC 2011
Dear Maintainer,
I'm the source code maintainer for the PolarSSL library.
I wish to ask you to upgrade your version of PolarSSL to version 0.14.1 (http://polarssl.org/download?file=code/releases/polarssl-0.14.1-gpl.tgz&name=polarssl-0.14.1-gpl.tgz).
A MITM security vulnerability has been found in all previous versions of PolarSSL.
This is the first time I've done this, so please help me out if I'm doing anything stupid.
I'm going to announce the presence of the vulnerability in one month time, but I hope you are able to push 0.14.1 into the repositories before then, so that users can upgrade more easily.
Best regards,
Paul Bakker
More information about the Ubuntu-motu
mailing list