Should add to this: 1.1.1 is the LTS version of OpenSSL; 1.1.0 is no
longer supported upstream. It's not going to be practical to backport
anything to 1.1.0.
1.1.1 has no API breakage beyond 1.1.0 (which you already did) and you
should upgrade this during bionic. 1.1.1 also adds TLSv1.3.
If you
Warning: Both RC4 and MD5 are INSECURE. They are susceptible to
practical attacks. Do not use them.
MD5 is already disabled by default. Real collisions have been produced,
and used to forge certificates in the wild; its use as an HMAC is also
strongly discouraged. It must never be used.
RC4
2 matches
Mail list logo