Denial of service and possible remote code execution, see $URL for full description. Severity rated high by upstream.
mbedtls bumped to 2.1.2 and old versions cleaned up:
Is PolarSSL done? I do not see anything higher then 1.3.9
Ping on the question above?
Sorry, i have been and am still pretty busy, but for now checked the remaining packages depending on polarssl. I have opened bugs for them, bug 618354 tracks them.
I split out net-libs/polarssl into bug 620502.
This issue was resolved and addressed in
GLSA 201706-18 at https://security.gentoo.org/glsa/201706-18
by GLSA coordinator Kristian Fiskerstrand (K_F).