Version 3.6.8 of the wolfSSL embedded SSL/TLS library has been released and is now available for download. Release 3.6.8 of wolfSSL fixes two high severity vulnerabilities. It also includes bug fixes and new features including:
– Two High level security fixes, all users SHOULD update.
a) If using wolfSSL for DTLS on the server side of a publicly accessible machine you MUST update.
b) If using wolfSSL for TLS on the server side with private RSA keys allowing ephemeral key exchange without low memory optimizations you MUST update and regenerate the private RSA keys.
Please see our recent vulnerability blog post for more details
– No filesystem build fixes for various configurations
– Certificate generation now supports several extensions including KeyUsage, SKID, AKID, and Certificate Policies
– CRLs can be loaded from buffers as well as files now
– SHA-512 Certificate Signing generation
– Fixes for sniffer reassembly processing
For more information about using and compiling wolfSSL, please visit the wolfSSL Documentation page or wolfSSL Manual. If you have questions about the wolfSSL embedded SSL/TLS library, or about using it in your project, please Contact Us.
Download wolfSSL 3.6.8: https://www.wolfssl.com/