Written by Mario
|
|
If you need to contact us write an email to [email protected] and we will answer
as soons as possible.
|
Apache 2.4.46 with updated OpenSSL 1.1.1i or LibreSSL 3.2.3 available |
Written by TrustyHausBot |
Thu, 10 Dec 2020 06:41:21 GMT |
Without much fanfare, both the OpenSSL and LibreSSL releases have been updated.
Changes:
nbspnbsp Changes between 1.1.1h and 1.1.1i [8 Dec 2020]
nbspnbsp *) Fixed NULL pointer deref in the GENERAL_NAME_cmp function nbspnbsp nbspnbsp nbspThis function could crash if both GENERAL_NAMEs contain an EDIPARTYNAME. nbspnbsp nbspnbsp nbspIf an attacker can control both items being compared nbspnbsp then this could lead nbspnbsp nbspnbsp nbspto a possible denial of service attack. OpenSSL itself uses the nbspnbsp nbspnbsp nbspGENERAL_NAME_cmp function for two purposes: nbspn
Read more
|
Apache 2.4.46 with updated OpenSSL 1.1.1h or LibreSSL 3.1.4 availabe |
Written by TrustyHausBot |
Thu, 24 Sep 2020 19:12:17 GMT |
Without much fanfare, both the OpenSSL and LibreSSL releases have been updated.
I'#039#039ve had the LibreSSL releases a few weeks and lagged on getting them out with all the fires around this area. Now is as good a time as any to put them up.
Changes:
nbspChanges between OpenSSL 1.1.1g and 1.1.1h [22 Sep 2020]
nbspnbsp *) Certificates with explicit curve parameters are now disallowed in nbspnbsp nbspnbsp nbspverification chains if the X509_V_FLAG_X509_STRICT flag is used. nbspnbsp nbspnbsp nbsp[Tomas Mraz]
nbspnbsp *) The '#039#039MinProtocol'
Read more
|
Announcing the release of Apache 2.4.46 |
Written by TrustyHausBot |
Wed, 05 Aug 2020 15:35:02 GMT |
This release is a bug fix &amp stability release.
This release includes: APR Version: nbspnbsp nbspnbsp nbspnbsp nbspnbsp 1.7.0 APU Version: nbspnbsp nbspnbsp nbspnbsp nbspnbsp 1.6.1 Brotli Version: nbspnbsp nbspnbsp 1.0.7 Jansson Version: nbspnbsp nbspnbsp 2.13.1 Libcurl Version: nbspnbsp nbsp7.70.0 LibXML2 Version: nbspnbsp nbspnbsp 2.9.10 LUA Version: nbspnbsp nbspnbsp nbspnbsp nbspnbsp 5.2.4 NGHTTP2 Version: nbspnbsp nbspnbsp 1.41.0 OpenSSL Version: nbspnbsp nbspnbsp 1.1.1g or LibreSSL 3.1.3 PCRE Version: nbspnbsp nbspnbsp nbspnbsp nbsp8.44 SQLite3 Version: nbspnbsp nbspnbsp 3.32.3 ZLib Version: nbspnbsp nbspnbsp nbspnbsp nbsp1.2.10
LibreSSL releases are n
Read more
|
Apache 2.4.43 with updated LibreSSL 3.1.2 availabe |
Written by TrustyHausBot |
Sun, 24 May 2020 20:58:58 GMT |
Announcing the release of Apache 2.4.43 with LibreSSL 3.0.2
I know I stated the next LibreSSL build was going to be VS16, but I'#039#039m having major problems getting it to build in VS16 and I do not want to wait any longer to get this out. I already skipped 3.1.0 &amp 3.1.1 because they were problematic even with VC14. LibreSSL is trying to get TLS/1.3 available and has led to problems on both. The TLS/1.3 code is in this version but has not been activated yet.
As is usual the numbers have change in.
Read more
|
|