[Fwd: OpenSSL 1.0.0 beta5 release]
Brian A. Seklecki
lavalamp at spiritual-machines.org
Wed Jan 20 20:25:46 UTC 2010
All:
Per Daniele Sluijters's inquiry on the 15th,CVE-2009-4355, as
well as with a provision/draft fix for CVE-2009-3555
MITM/Renegotiation Venerability.
I suspect we wont have a patch out for RELENG_6_3 by the 31st?
But I'm willing to maintain one for another few months.
~BAS
-------- Forwarded Message --------
From: OpenSSL <openssl at openssl.org>
Reply-to: openssl-users at openssl.org
To: openssl-users at openssl.org, openssl-announce at openssl.org
Subject: OpenSSL 1.0.0 beta5 release
Date: Wed, 20 Jan 2010 19:19:16 +0100
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
OpenSSL version 1.0.0 Beta 5
============================
[..snip...]
Since the fourth beta, the following has happened:
- Provisional TLS session renegotiation fix
- Option to output hash using older algorithm in x509 utility
- Compression session handling bug fix
- Build system fixes.
- Other bug fixes.
Reports and patches should be sent to openssl-bugs at openssl.org.
[..snip...]
More information about the freebsd-security
mailing list