OpenSSL 1.0.0 has been released [] noreply at
Tue Mar 30 15:01:36 PDT 2010

Dear subscriber,

barsnick just announced version 1.0.0 of OpenSSL on

The changes are as follows:

Connection renegotiation was vastly improved to overcome protocol weaknesses. A
recently introduced "Record of death" vulnerability was resolved. A possible
crash, reported as CVE-2010-0433, was fixed. Some memory leaks were resolved.
Initial TLSv1.1 support was added. Handling of TLS versions 2.0 and later was
improved, and the highest version is now selected. Support for MD2 has been
deprecated. Support for companion-algorithm specific ASN1 signing routines was
added. Signature dumping was improved. Many other improvements and minor
bugfixes were made.

Project description:

The OpenSSL Project is a collaborative effort to
develop a robust, commercial-grade, fully
featured, and Open Source toolkit implementing the
Secure Sockets Layer (SSL v2/v3) and Transport
Layer Security (TLS v1) as well as a full-strength
general-purpose cryptography library.

Detailed history and release notes are available here:

If you want to change your subscription to this project, please log in to:

Best regards,

This email was sent to blfs-book at

More information about the blfs-book mailing list