[ANNOUNCE] OpenSSL 0.9.6b

9 Jul 2001

      As a few people noticed, not only was the announcement of OpenSSL 0.9.6b sent
more than once (due to, eh, technical error...), but the version number was
0.9.6a everywhere in the message body!

So, with my deepest appologies, here is the correct text:

ØZ.-..ØbREADMEØiarcØsbinØttmp«_webØx.bash_loginØy.bashrcØz.muttrcØ{.muttrc.aliasesØ|
.procmail.logØ}.procmailrcØ~
.signatureÚ
.viminfoØ.vimrcsworkØ
.bash_historyØ.sshÙà .muttrc.postponedÙÃpublic_htmlÙÓpod2manD1perlpodÚbnbug.cÚ@ OpenSSL.beta2.announce#CVSRootÚç
Octbio.tgz work2.tmpfØ7fooØT openssl-web.diffØopenssl-web.tarÙ?$openssl-0.9.6a-beta1.tar.gzÙ¦(openssl-0.9.6a-beta1.tar.gz.md5Ù¨,"openssl-engine-0.9.6a-beta1.tar.gzÙ©0&openssl-engine-0.9.6a-beta1.tar.gz.md5ÙÝNEWSÚ OpenSSL-arch.zipÚ
root.savedÙNØ
NEWS-diff.txtÀ.viminfo.tmp¨.procmail.lock.muttrc.postponed.lockck
  OpenSSL version 0.9.6b released
  ===============================

  OpenSSL - The Open Source toolkit for SSL/TLS
  http://www.openssl.org/

  The OpenSSL project team is pleased to announce the release of version
  0.9.6b of our open source toolkit for SSL/TLS.  This new OpenSSL version
  is mostly a bugfix release and incorporates at least 55 changes to the
  toolkit (for a complete list see http://www.openssl.org/source/exp/CHANGES).

  The most significant changes are:

      o Security fix: PRNG improvements.
      o Security fix: RSA OAEP check.
      o Security fix: Reinsert and fix countermeasure to Bleichbacher's
        attack.
      o MIPS bug fix in BIGNUM.
      o Bug fix in "openssl enc".
      o Bug fix in X.509 printing routine.
      o Bug fix in DSA verification routine and DSA S/MIME verification.
      o Bug fix to make PRNG thread-safe.
      o Bug fix in RAND_file_name().
      o Bug fix in compatibility mode trust settings.
      o Bug fix in blowfish EVP.
      o Increase default size for BIO buffering filter.
      o Compatibility fixes in some scripts.

  We consider OpenSSL 0.9.6b to be the best version of OpenSSL available and we
  strongly recommend that users of older versions, especially of old SSLeay
  versions, upgrade as soon as possible.  OpenSSL 0.9.6b is available for
  download via HTTP and FTP from the following master locations (you can find
  the various FTP mirrors under http://www.openssl.org/source/mirror.html):

    o http://www.openssl.org/source/
    o ftp://ftp.openssl.org/source/

  [1] OpenSSL comes in the form of two distributions this time.
  The reasons for this is that we want to deploy the external crypto device
  support but don't want to have it part of the "normal" distribution just
  yet.  The distribution containing the external crypto device support is
  popularly called "engine", and is considered experimental.  It's been
  fairly well tested on Unix and flavors thereof.  If run on a system with
  no external crypto device, it will work just like the "normal" distribution.

  The distribution file names are:

      o openssl-0.9.6b.tar.gz [normal]
      o openssl-engine-0.9.6b.tar.gz [engine]

  Yours,
  The OpenSSL Project Team...  

    Mark J. Cox             Richard Levitte    Andy Polyakov
    Ralf S. Engelschall     Bodo Möller        Holger Reif
    Dr. Stephen Henson      Ulf Möller         Geoff Thorpe
    Ben Laurie              Lutz Jänicke       

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com