Weblog

Hiawatha v9.10 has been released

4 January 2015, 15:39

The 9.10-rc1 release caused no trouble for anyone, so here is the final release. Nothing changed. Have fun with it!

Leo Unglaub

4 January 2015, 15:46

Thanks, i updated the CRUX-Linux ports

Chris Wadge

4 January 2015, 23:27

Debian builds are also up, after a quick round of testing (quicker than usual since I've already done this on the RC), and available at files.tuxhelp.org [files.tuxhelp.org]; apt.sparkz.no [apt.sparkz.no] should be synced shortly.

I'm not sure I've mentioned this in the past, but TLS is also available for files.tuxhelp.org if you prefer. Note that since it's vhost-specific, you'll need a client modern enough to understand SNI, otherwise it will throw a trust error. In other words, if you use an ancient version of wget, you'll probably need to ignore any certificate issues or use the HTTP protocol instead. https://files.tuxhelp.org

David Oliver

5 January 2015, 15:33

Many thanks!

RoestVrijStaal

10 January 2015, 14:16

Does this version include the bugfix versions of PolarSSL for fixing CVE-2014-8628?

Hugo Leisink

10 January 2015, 17:33

Yes, CVE-2014-8628 has been fixed in 1.3.9, which is included in Hiawatha 9.10. You can always upgrade PolarSSL by running the update script inside the polarssl directory.

Chris Wadge

11 January 2015, 01:54

@RoestVrijStaal, In my Debian builds, this was fixed in 9.8-1.

RoestVrijStaal

11 January 2015, 17:40

@Hugo & @Chris: Thanks!

bhzhu203

15 January 2015, 09:13

Thanks!