Denial of service and possible remote code execution, see $URL for full description. Severity rated high by upstream.
mbedtls bumped to 2.1.2 and old versions cleaned up: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=769245b868ad148eb4f44f463c8190641c311781 https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a8e6d5bf813b88ed5cc43bbfb5d2aaa72cfe4cc5
Is PolarSSL done? I do not see anything higher then 1.3.9
Ping on the question above?
Sorry, i have been and am still pretty busy, but for now checked the remaining packages depending on polarssl. I have opened bugs for them, bug 618354 tracks them.
I split out net-libs/polarssl into bug 620502.
This issue was resolved and addressed in GLSA 201706-18 at https://security.gentoo.org/glsa/201706-18 by GLSA coordinator Kristian Fiskerstrand (K_F).