Re: OpenSSL Security Advisory

2009-01-07 Thread Kyle Hamilton
Does the release of 0.9.8j also include the FIPS module support? (i.e., is this a bug-fix only release, or does this include what you have been working on for the past few months as well?) -Kyle H On Wed, Jan 7, 2009 at 4:10 AM, Dr. Stephen Henson wrote: > -BEGIN PGP SIGNED MESSAGE- > Ha

Re: OpenSSL Security Advisory

2009-01-07 Thread Brad House
> Does the release of 0.9.8j also include the FIPS module support? > (i.e., is this a bug-fix only release, or does this include what you > have been working on for the past few months as well?) The actual 0.9.8j release announcement stated: "This is the first full release of OpenSSL that can lin

Re: OpenSSL Security Advisory

2009-01-08 Thread Harakiri
--- On Wed, 1/7/09, Dr. Stephen Henson wrote: > Incorrect checks for malformed signatures > - --- It is not perfectly clear to me if regular certificate validations and smime signature validation are also affected by this. Could you please elaborate if

Re: OpenSSL Security Advisory

2009-01-09 Thread Remo Inverardi
One way to exploit this flaw would be for a remote attacker who is in control of a malicious server or who can use a 'man in the middle' attack to present a malformed SSL/TLS signature from a certificate chain to a vulnerable client, bypassing validation. In my opinion, this statement is not ver

Re: OpenSSL Security Advisory

2009-01-09 Thread Ger Hobbelt
On Wed, Jan 7, 2009 at 1:10 PM, Dr. Stephen Henson wrote: [...] > diff -ur openssl-0.9.8i-ORIG/apps/speed.c openssl-0.9.8i/apps/speed.c [...] > diff -ur openssl-0.9.8i-ORIG/ssl/ssltest.c openssl-0.9.8i/ssl/ssltest.c 0.9.9 CVS head (and probably 0.9.8 as well): for completeness' sake there's one mo