[blfs-book] OpenSSL 1.0.1d has been released [Freecode]
noreply at freecode.com
Thu Feb 7 14:12:05 PST 2013
Dear OpenSSL follower,
barsnick just announced version 1.0.1d of OpenSSL on Freecode.
The release notes for this version are as follows:
A weakness in the handling of CBC ciphersuites in SSL, TLS, and DTLS, exploited
through timing differences arising during MAC processing, was fixed. This
vulnerability was reported as CVE-2013-0169. A flaw in the handling of CBC
ciphersuites in TLS 1.1 and TLS 1.2 on AES-NI supporting platforms was fixed.
This vulnerability was reported as CVE-2012-2686. A flaw in the handling of OCSP
response verification, exploitable with a denial of service attack, was fixed.
This vulnerability was reported as CVE-2013-0166.
The OpenSSL Project is a collaborative effort to
develop a robust, commercial-grade, fully
featured, and Open Source toolkit implementing the
Secure Sockets Layer (SSL v2/v3) and Transport
Layer Security (TLS v1) as well as a full-strength
general-purpose cryptography library.
Detailed history and release notes are available here:
If you want to unfollow this project, please log in to:
This email was sent to blfs-book at linuxfromscratch.org.
Geeknet, Inc. | 594 Howard Street, Suite 300 | San Francisco, CA 94105
More information about the blfs-book