Re: [Ltib] openssl

ltib

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Ltib] openssl

From:	Mark Bishop
Subject:	Re: [Ltib] openssl
Date:	Fri, 22 Jan 2010 15:23:55 -0500
User-agent:	Internet Messaging Program (IMP) H3 (4.2-cvs)


OpenSSL CHANGES
 _______________

 Changes between 0.9.8k and 0.9.8l  [5 Nov 2009]

  *) Disable renegotiation completely - this fixes a severe security
     problem (CVE-2009-3555) at the cost of breaking all
     renegotiation. Renegotiation can be re-enabled by setting
     SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION in s3->flags at
     run-time. This is really not recommended unless you know what
     you're doing.
     [Ben Laurie]


They have also started to release the 1.0 Beta's.


Quoting Stuart Hughes <address@hidden>:

Hi Mark,
It's always good to get updates. If you get it ported, please postyour patch/spec file to the list.
BTW: what's changed for this later version?

Regards, Stuart

Mark Bishop wrote:
I am going to deploy the most recent openssl with ltib. I am goingto start with the current .spec file for the version that is inthere. Is this something that would be worthwhile to upload to theltib project or should I not worry about it?

[Prev in Thread]

Current Thread

[Next in Thread]

[Ltib] openssl, Mark Bishop, 2010/01/22
- Re: [Ltib] openssl, Stuart Hughes, 2010/01/22
  - Re: [Ltib] openssl, Mark Bishop <=
    - Re: [Ltib] openssl, Mark Bishop, 2010/01/22
    - Re: [Ltib] openssl, Stuart Hughes, 2010/01/25

Prev by Date: Re: [Ltib] openssl
Next by Date: Re: [Ltib] openssl
Previous by thread: Re: [Ltib] openssl
Next by thread: Re: [Ltib] openssl
Index(es):
- Date
- Thread