Re: OpenSSL version 3.0.0-alpha10 published
Please remove my email from your distribution > On Jan 7, 2021, at 9:08 AM, OpenSSL wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > > OpenSSL version 3.0 alpha 10 released > = > > OpenSSL - The Open Source toolkit for SSL/TLS > https://www.openssl.org/ > > OpenSSL 3.0 is currently in alpha. > > OpenSSL 3.0 alpha 10 has now been made available. > > Note: This OpenSSL pre-release has been provided for testing ONLY. > It should NOT be used for security critical purposes. > > Specific notes on upgrading to OpenSSL 3.0 from previous versions, as well > as known issues are available on the OpenSSL Wiki, here: > >https://wiki.openssl.org/index.php/OpenSSL_3.0 > > The alpha release is available for download via HTTPS and FTP from the > following master locations (you can find the various FTP mirrors under > https://www.openssl.org/source/mirror.html): > > * https://www.openssl.org/source/ > * ftp://ftp.openssl.org/source/ > > The distribution file name is: > >o openssl-3.0.0-alpha10.tar.gz > Size: 14084047 > SHA1 checksum: dfeb99f9bdb270d11f723039d07fda1478a31219 > SHA256 checksum: > b1699acf2148db31f12edf5ebfdf12a92bfd3f0e60538d169710408a3cd3b138 > > The checksums were calculated using the following commands: > >openssl sha1 openssl-3.0.0-alpha10.tar.gz >openssl sha256 openssl-3.0.0-alpha10.tar.gz > > Please download and check this alpha release as soon as possible. > To report a bug, open an issue on GitHub: > >https://github.com/openssl/openssl/issues > > Please check the release notes and mailing lists to avoid duplicate > reports of known issues. (Of course, the source is also available > on GitHub.) > > Yours, > > The OpenSSL Project Team. > > -BEGIN PGP SIGNATURE- > > iQEzBAEBCAAdFiEEhlersmDwVrHlGQg52cTSbQ5gRJEFAl/3ESsACgkQ2cTSbQ5g > RJErmQgAj74iDsxOIigH87UxtnKLUqZc7ewbyZxM41XK52G/OPAzqSzGlMxhsYit > gvN7k+4qHWGuzyP5UGoTnxued/eG3tggUJh/WeuTmZ8DdrdV4C8Mhfb9ZkocDZZj > /wCnVGfb4xS5SPVnHU0qqtn0bWrltddjvdAzmuKvzQmyhftH6d/+VyUA9b9oUTkr > ygAvJYI6sJ/WBBSbRzONhwO16GKiLi5AzpPTuW9z7ZJS3YdZCCFFCYKPO255To9y > 1GgxhGns9VksvN6NR3AFeTKMQyet3Uo2tRmigtRYZvaJDCE4am40zSuhdFmujwMA > HFVox7b+u1PJrUdxzOGJe+A+1I0R9A== > =yDQs > -END PGP SIGNATURE-
Re: Random and rare Seg faults at openssl library level
Please remove my email > On Jan 7, 2021, at 3:23 AM, Jan Just Keijser wrote: > > On 06/01/21 21:57, Michael Wojcik wrote: >> >> The same way you'd track down an intermittent cause of Undefined Behavior in >> any other program: some combination of dynamic monitoring, symbolic >> execution, static code analysis, source code review, testing variants, >> tracing, fuzzing, post-mortem analysis, and so on. This isn't specific to >> OpenSSL. >> >> But you're asking the wrong question. The correct question is: Why are you >> using an outdated version of OpenSSL? > > possibly because: > > $ cat /etc/redhat-release && openssl version > CentOS Linux release 7.9.2009 (Core) > OpenSSL 1.0.2k-fips 26 Jan 2017 > > ? > >