[Fwd: OpenSSL 1.0.0 beta5 release]

Brian A. Seklecki bseklecki at collaborativefusion.com
Wed Jan 20 20:06:55 UTC 2010


All:

  Per Daniele Sluijters's inquiry on the 15th,CVE-2009-4355, as 
  well as with a provision/draft fix for CVE-2009-3555
  MITM/Renegotiation Venerability.

  I suspect we wont have a patch out for RELENG_6_3 by the 31st?  
  But I'm willing to maintain one for another few months.

~BAS

-------- Forwarded Message --------
From: OpenSSL <openssl at openssl.org>
Reply-to: openssl-users at openssl.org
To: openssl-users at openssl.org, openssl-announce at openssl.org
Subject: OpenSSL 1.0.0 beta5 release
Date: Wed, 20 Jan 2010 19:19:16 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


  OpenSSL version 1.0.0 Beta 5
  ============================

 [..snip...]

  Since the fourth beta, the following has happened:

    - Provisional TLS session renegotiation fix
    - Option to output hash using older algorithm in x509 utility
    - Compression session handling bug fix
    - Build system fixes.
    - Other bug fixes.

  Reports and patches should be sent to openssl-bugs at openssl.org.

[..snip...]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20100120/4702a42c/attachment.pgp


More information about the freebsd-security mailing list