Menu
▾
▴
[Devil-linux-software] OpenSSL 1.0.0c has been released [freshmeat.net]
|
From: freshmeat.net <no...@fr...> - 2010-12-07 02:36:03
|
Dear freshmeat.net subscriber, barsnick just announced version 1.0.0c of OpenSSL on freshmeat.net. The changes are as follows: An error was fixed in the experimental J-PAKE implementation, which could lead to successful validation by someone with no knowledge of the shared secret. This issue was reported as CVE-2010-4252. An old bug in a workaround that allowed malicious clients to modify the stored session cache ciphersuite was fixed. This issue was reported as CVE-2010-4180. Project description: The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, fully featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a full-strength general-purpose cryptography library. Detailed history and release notes are available here: http://freshmeat.net/projects/openssl#release_325450 If you want to change your subscription to this project, please log in to: http://freshmeat.net/account/subscriptions Best regards, freshmeat.net -- This email was sent to dev...@li.... |
