CVE-2014-8627
PolarSSL 1.3.8 does not properly negotiate the signature algorithm to use, which allows remote attackers to conduct downgrade attacks via unspecified vectors.
Date published : 2014-11-24
https://polarssl.org/tech-updates/releases/polarssl-1.3.9-released