[ANNOUNCEMENT] OpenSSL 0.9.6a Beta 3 released
Admin Mailing Lists
mlist at intergrafix.net
Mon Apr 2 09:23:10 PDT 2001
uhh, the 'a' on the version can be very deceiving.
it denotes an alpha version of the version number stated.
>From the email, it doesn't seem this is what you wish to convey.
It should either be 0.9.7a or 0.9.6pl1 or something like that.
-Tony
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
Anthony J. Biacco Network Administrator/Engineer
thelittleprince at asteroid-b612.org Intergrafix Internet Services
"Dream as if you'll live forever, live as if you'll die today"
http://www.asteroid-b612.org http://www.intergrafix.net
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
On Fri, 30 Mar 2001, Richard Levitte wrote:
> The third beta release of OpenSSL 0.9.6a is now available from the
> OpenSSL FTP site <URL: ftp://ftp.openssl.org/source/>.
>
> OpenSSL 0.9.6a is a bug-fix release of version 0.9.6, and currently
> contains 52 documented changes. Among others, this release should build
> on all Windows platforms, which 0.9.6 failed to do. Just as for version
> 0.9.6, this one comes in two variants, one containing the now well-known
> ENGINE code and one that doesn't. The tar files are:
>
> openssl-0.9.6a-beta3.tar.gz
> openssl-engine-0.9.6a-beta3.tar.gz
>
> The news section for 0.9.6a gives the following:
>
> o Security fix: change behavior of OpenSSL to avoid using
> environment variables when running as root.
> o Security fix: check the result of RSA-CRT to reduce the
> possibility of deducing the private key from an incorrectly
> calculated signature.
> o Security fix: prevent Bleichenbacher's DSA attack.
> o Security fix: Zero the premaster secret after deriving the
> master secret in DH ciphersuites.
> o Reimplement SSL_peek(), which had various problems.
> o Compatibility fix: the function des_encrypt() renamed to
> des_encrypt1() to avoid clashes with some Unixen libc.
> o Bug fixes for Win32, HP/UX and Irix.
> o Bug fixes in BIGNUM, SSL, PKCS#7, PKCS#12, X.509, CONF and
> memory checking routines.
> o Bug fixes for RSA operations in threaded enviroments.
> o Bug fixes in misc. openssl applications.
> o Remove a few potential memory leaks.
> o Add tighter checks of BIGNUM routines.
> o Shared library support has been reworked for generality.
> o More documentation.
> o New function BN_rand_range().
> o Add "-rand" option to openssl s_client and s_server.
>
> The next (hopefully real) release is scheduled for Tuesday 2001-04-03. To make
> sure that it will work correctly, please test this version (especially on less
> common platforms), and report any problems to <openssl-bugs at openssl.org>.
>
> --
> Richard Levitte levitte at openssl.org
> OpenSSL Project http://www.openssl.org/~levitte/
> Software Engineer, Celo Communications: http://www.celocom.com/
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> Announcement Mailing List openssl-announce at openssl.org
> Automated List Manager majordomo at openssl.org
>
More information about the cypherpunks-legacy
mailing list