-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Forthcoming OpenSSL releases
The OpenSSL project team would like to announce the forthcoming release of
OpenSSL versions 1.0.2g, 1.0.1s.
These releases will be made available on 1st March 2016 between approximately
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Forthcoming OpenSSL releases
The OpenSSL project team would like to announce the forthcoming release of
OpenSSL versions 1.0.2f, 1.0.1r.
These releases will be made available on 28th January between approx. 1pm and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Forthcoming OpenSSL releases
The OpenSSL project team would like to announce the forthcoming release
of OpenSSL versions 1.0.2d and 1.0.1p.
These releases will be made available on 9th July. They will fix a
single
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Forthcoming OpenSSL releases
The OpenSSL project team would like to announce the forthcoming release
of OpenSSL versions 1.0.2d and 1.0.1p.
These releases will be made available on 9th July. They will fix a
single
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL Security Advisory [24 Apr 2012]
===
ASN1 BIO incomplete fix (CVE-2012-2131)
===
It was discovered that the fix for CVE-2012-2110 released on 19 Apr
2012 was not
.*.tar.gz
Yours,
The OpenSSL Project Team...
Mark J. Cox Nils Larsch Ulf Möller
Ralf S. Engelschall Ben Laurie Andy Polyakov
Dr. Stephen Henson Richard Levitte Geoff Thorpe
Lutz JänickeBodo Möller
-BEGIN PGP SIGNATURE
The checksums were calculated using the following commands:
openssl md5 openssl-0.9.*.tar.gz
openssl sha1 openssl-0.9.*.tar.gz
Yours,
The OpenSSL Project Team...
Mark J. Cox Nils Larsch Ulf Möller
Ralf S. Engelschall Ben Laurie Andy Polyakov
The checksums were calculated using the following commands:
openssl md5 openssl-0.9.*.tar.gz
openssl sha1 openssl-0.9.*.tar.gz
Yours,
The OpenSSL Project Team...
Mark J. Cox Nils Larsch Ulf Möller
Ralf S. Engelschall Ben Laurie Andy
: 8dc90a113eb8925795071fbe52b2932c
SHA1 checksum: 9fe535fce89af967b29c4727dedd25f2b4cc2f0d
The checksums were calculated using the following commands:
openssl md5 openssl-0.9.*.tar.gz
openssl sha1 openssl-0.9.*.tar.gz
Yours,
The OpenSSL Project Team...
Mark J. Cox
the following command:
openssl md5 openssl-0.9.7e.tar.gz
Yours,
The OpenSSL Project Team...
Mark J. Cox Ben Laurie Andy Polyakov
Ralf S. Engelschall Richard Levitte Geoff Thorpe
Dr. Stephen Henson Bodo Möller
Lutz JänickeUlf Möller
-BEGIN PGP SIGNED MESSAGE-
OpenSSL Security Advisory [17 March 2004]
Updated versions of OpenSSL are now available which correct two
security issues:
1. Null-pointer assignment during SSL handshake
===
Testing performed by the OpenSSL group
-BEGIN PGP SIGNED MESSAGE-
OpenSSL Security Advisory [4 November 2003]
Denial of Service in ASN.1 parsing
==
Previously, OpenSSL 0.9.6k was released on the 30 September 2003 to
address various ASN.1 issues. The issues were found using a test
suite from
Project Team...
Mark J. Cox Ben Laurie Andy Polyakov
Ralf S. Engelschall Richard Levitte Geoff Thorpe
Dr. Stephen Henson Bodo Möller
Lutz JänickeUlf Möller
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.1 (GNU/Linux
-BEGIN PGP SIGNED MESSAGE-
OpenSSL Security Advisory [30 September 2003]
Vulnerabilities in ASN.1 parsing
NISCC (www.niscc.gov.uk) prepared a test suite to check the operation
of SSL/TLS software when presented with a wide range of malformed client
The recent fix in 0.9.6c engine adding inttypes.h for AEP accelerator
broke Solaris 2.5.1 and Unixware 7 builds. Joe wrote this patch which
compiles on all our build machines. Not tested (but should be okay) on
Windows too.
Cheers, Mark
-- Forwarded message --
Date: Tue, 04
Noticed a problem with make install on the 0.9.6c-dev engine branch,
might affect other branches too.
Mark
Index: Makefile.org
===
RCS file: /e/openssl/cvs/openssl/Makefile.org,v
retrieving revision 1.88.2.7.4.7
diff -u
Having said that SGC might now become obsolete anyway.
I think it will take some time for this to happen; we've got to wait for
MS and Netscape to release full-strength versions, then wait for everyone
to upgrade to them. Theres still a large percentage of people who hit our
site with browsers
that incorporate become covered by the E.A.R. and must adhere to the
U.S. governments decisions on which countries are to be considered
...plus they may change the rules in 120 days :)
Mark
__
OpenSSL Project
I noticed a problem - when the CA list we were loading from a file
(standard verify_locations stuff) contained a duplicate certificate all
certificates after the duplicate would be ignored. This patch alters
X509_load_cert_file() so that if an error occurs looking at one
certificate the routine
Actually I didn't found any command line tool able to generate and/or
verify PKCS#7 signatures (such as generated by signed forms by Netscape
and other tools ...)
We've (C2Net) got a set of stand-alone command line programs for PKCS#7
encrypt/decrypt that seem to work well. They need a
I'm going to delay applying this patch; after applying some connections
fail:
try openssl -connect www.trustcenter.de:443 [fails]
try openssl -connect www.trustcenter.de:443 -no_tls1 [passes]
On Sun, 31 Jan 1999, Mark J Cox wrote:
In going through our internal code I came across some changes
was concerned about the ssl changes as they
are a fairly major change and have not been part of C2Net products so
they've not seen any public testing yet.
Mark
Mark J Cox, . www.awe.com/~mark
Latest news on the Apache Web Server
22 matches
Mail list logo