lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.44.0302192035470.28607-100000@dell1.moose.awe.com>
From: mark at openssl.org (Mark J Cox)
Subject: [ANNOUNCE] OpenSSL 0.9.7a and 0.9.6i released

-----BEGIN PGP SIGNED MESSAGE-----


  OpenSSL version 0.9.7a and 0.9.6i released
  ==========================================

  OpenSSL - The Open Source toolkit for SSL/TLS
  http://www.openssl.org/

  The OpenSSL project team is pleased to announce the release of
  version 0.9.7a of our open source toolkit for SSL/TLS.  This new
  OpenSSL version is a security and bugfix release and incorporates
  at least 11 changes and bugfixes to the toolkit (for a complete list
  see http://www.openssl.org/source/exp/CHANGES.

  We also release 0.9.6i, which contains the same security bugfix as
  0.9.7a and a few more small bugfixes compared to 0.9.6h.

  The most significant changes are:

    o Security: Important security related bugfixes. [0.9.7a and 0.9.6i]
    o Enhanced compatibility with MIT Kerberos. [0.9.7a]
    o Can be built without the ENGINE framework. [0.9.7a]
    o IA32 assembler enhancements. [0.9.7a]
    o Support for new platforms: FreeBSD/IA64 and FreeBSD/Sparc64. [0.9.7a]
    o Configuration: the no-err option now works properly. [0.9.7a]
    o SSL/TLS: now handles manual certificate chain building. [0.9.7a]
    o SSL/TLS: certain session ID malfunctions corrected. [0.9.7a]

  We consider OpenSSL 0.9.7a to be the best version of OpenSSL available
  and we strongly recommend that users of older versions upgrade as
  soon as possible.  OpenSSL 0.9.7a is available for download via HTTP
  and FTP from the following master locations (you can find the various
  FTP mirrors under http://www.openssl.org/source/mirror.html):

    o http://www.openssl.org/source/
    o ftp://ftp.openssl.org/source/

  For those who want or have to stay with the 0.9.6 series of OpenSSL,
  we strongly recommend that you upgrade to OpenSSL 0.9.6i as soon as
  possible.  It's available in the same location as 0.9.7a.

  The distribution file name is:

    o openssl-0.9.7a.tar.gz [normal]
      MD5 checksum: a0d3203ecf10989fdc61c784ae82e531
    o openssl-0.9.6i.tar.gz [normal]
      MD5 checksum: 9c4db437c17e0b6412c5e4645b6fcf5c
    o openssl-engine-0.9.6i.tar.gz [engine]
      MD5 checksum: c9adc0596c630b31b999eba32fc0a6b3

  The checksums were calculated using the following command:

    openssl md5 < openssl-0.9.7a.tar.gz
    openssl md5 < openssl-0.9.6i.tar.gz
    openssl md5 < openssl-engine-0.9.6i.tar.gz

  Yours,
  The OpenSSL Project Team...

    Mark J. Cox             Ben Laurie          Andy Polyakov
    Ralf S. Engelschall     Richard Levitte     Geoff Thorpe
    Dr. Stephen Henson      Bodo M?ller
    Lutz J?nicke            Ulf M?ller

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iQCVAwUBPlPqwO6tTP1JpWPZAQGrKwQAnHt/lP1uBtOM8buBGnByb5m+LKHUV85N
4Zfh/HFY43IV7WF5ag357y3mxxCF/+tiGrpLAkIccJukY7Iehi7YJPvAm+j+89hE
HXfuBGbevRwGDtII6DM4yrfbDkAHusGQREBinfQeiB7Bi7atwLGkVhz4mKEDJdK2
dqDk9FsEl2o=
=YyHg
-----END PGP SIGNATURE-----


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ