|
From: | Mark Bishop |
Subject: | Re: [Ltib] openssl |
Date: | Fri, 22 Jan 2010 15:23:55 -0500 |
User-agent: | Internet Messaging Program (IMP) H3 (4.2-cvs) |
OpenSSL CHANGES _______________ Changes between 0.9.8k and 0.9.8l [5 Nov 2009] *) Disable renegotiation completely - this fixes a severe security problem (CVE-2009-3555) at the cost of breaking all renegotiation. Renegotiation can be re-enabled by setting SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION in s3->flags at run-time. This is really not recommended unless you know what you're doing. [Ben Laurie] They have also started to release the 1.0 Beta's. Quoting Stuart Hughes <address@hidden>:
Hi Mark,It's always good to get updates. If you get it ported, please post your patch/spec file to the list.BTW: what's changed for this later version? Regards, Stuart Mark Bishop wrote:I am going to deploy the most recent openssl with ltib. I am going to start with the current .spec file for the version that is in there. Is this something that would be worthwhile to upload to the ltib project or should I not worry about it?
[Prev in Thread] | Current Thread | [Next in Thread] |