[ANNOUNCEMENT] OpenSSL 0.9.6a Beta 3 released

Admin Mailing Lists mlist at intergrafix.net
Mon Apr 2 09:23:10 PDT 2001 

uhh, the 'a' on the version can be very deceiving.
it denotes an alpha version of the version number stated.
>From the email, it doesn't seem this is what you wish to convey.
It should either be 0.9.7a or 0.9.6pl1 or something like that.

-Tony
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
Anthony J. Biacco                       Network Administrator/Engineer
thelittleprince at asteroid-b612.org       Intergrafix Internet Services

    "Dream as if you'll live forever, live as if you'll die today"
http://www.asteroid-b612.org                http://www.intergrafix.net
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.

On Fri, 30 Mar 2001, Richard Levitte wrote:

> The third beta release of OpenSSL 0.9.6a is now available from the
> OpenSSL FTP site <URL: ftp://ftp.openssl.org/source/>.
> 
> OpenSSL 0.9.6a is a bug-fix release of version 0.9.6, and currently
> contains 52 documented changes.  Among others, this release should build
> on all Windows platforms, which 0.9.6 failed to do.  Just as for version
> 0.9.6, this one comes in two variants, one containing the now well-known
> ENGINE code and one that doesn't.  The tar files are:
> 
> 	openssl-0.9.6a-beta3.tar.gz
> 	openssl-engine-0.9.6a-beta3.tar.gz
> 
> The news section for 0.9.6a gives the following:
> 
>       o Security fix: change behavior of OpenSSL to avoid using
>         environment variables when running as root.
>       o Security fix: check the result of RSA-CRT to reduce the
>         possibility of deducing the private key from an incorrectly
>         calculated signature.
>       o Security fix: prevent Bleichenbacher's DSA attack.
>       o Security fix: Zero the premaster secret after deriving the
>         master secret in DH ciphersuites.
>       o Reimplement SSL_peek(), which had various problems.
>       o Compatibility fix: the function des_encrypt() renamed to
>         des_encrypt1() to avoid clashes with some Unixen libc.
>       o Bug fixes for Win32, HP/UX and Irix.
>       o Bug fixes in BIGNUM, SSL, PKCS#7, PKCS#12, X.509, CONF and
>         memory checking routines.
>       o Bug fixes for RSA operations in threaded enviroments.
>       o Bug fixes in misc. openssl applications.
>       o Remove a few potential memory leaks.
>       o Add tighter checks of BIGNUM routines.
>       o Shared library support has been reworked for generality.
>       o More documentation.
>       o New function BN_rand_range().
>       o Add "-rand" option to openssl s_client and s_server.
> 
> The next (hopefully real) release is scheduled for Tuesday 2001-04-03.  To make
> sure that it will work correctly, please test this version (especially on less
> common platforms), and report any problems to <openssl-bugs at openssl.org>.
> 
> --
> Richard Levitte         levitte at openssl.org
> OpenSSL Project         http://www.openssl.org/~levitte/
> Software Engineer, Celo Communications: http://www.celocom.com/
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> Announcement Mailing List                 openssl-announce at openssl.org
> Automated List Manager                           majordomo at openssl.org
>

More information about the cypherpunks-legacy mailing list