[Devil-linux-software] [fmII] OpenSSL 0.9.7l released (Old Stable branch)

[<no...@fr...>]

This email is to inform you about the release of version '0.9.7l' of
'OpenSSL' through freshmeat.net. All URLs and other useful information can
be found at

    http://freshmeat.net/projects/openssl/

The changes in this release are as follows:
This release fixes several security vulnerabilities: Limits have been
introduced to prevent malicious keys from being able to cause a
denial of service, as reported in CVE-2006-2940. ASN.1 parsing of
certain invalid structures has been fixed, to prevent denial of
service as reported in CVE-2006-2937. A buffer overflow in
SSL_get_shared_ciphers(), as reported in CVE-2006-3738, has been
fixed. A possible crash when connecting to a malicious SSLv2 server,
as reported in CVE-2006-4343, has been fixed. The ciphersuite
selection algorithm has been changed to match only explicitly-named
ciphersuites.  

Release focus:
9 - Major security fixes 

Project added:
Wed, Dec 23rd 1998 13:04 (7 years, 9 months ago)

Project description:
The OpenSSL Project is a collaborative effort to develop a robust,
commercial-grade, fully featured, and Open Source toolkit
implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer
Security (TLS v1) as well as a full-strength general-purpose
cryptography library. 

Trove categories:
[Intended Audience   ] Developers
[License             ] OSI Approved
[Topic               ] Software Development :: Libraries 

If you would like to cancel subscription to releases of this project,
login to freshmeat.net and choose 'home' from the personal menubar at the
top of the page. You'll be presented with a list of projects and
categories you're subscribed to in the right column, which you may cancel
by highlighting the project or category in question and clicking the
'delete' button.

Sincerely,
freshmeat.net