(2.2, 2.1, 1.3) Fixes a potential double free when mbedtls_asn1_store_named_data() fails to allocate memory. This was only used for certificate generation and was not triggerable remotely in SSL/TLS. The original issues was found by Rafał Przywara, in https://github.com/ARMmbed/mbedtls/issues/367
(2.2, 2.1, 1.3) Disables by default MD5 handshake signatures in TLS 1.2 to prevent the SLOTH attack on TLS 1.2 server authentication (other attacks from the SLOTH paper do not apply to any version of mbed TLS or PolarSSL).
Added to existing GLSA.
This issue was resolved and addressed in
GLSA 201801-15 at https://security.gentoo.org/glsa/201801-15
by GLSA coordinator Thomas Deutschmann (whissi).